The South Korean electronics giant Samsung has moved quickly to address a recently discovered, critical-rated vulnerability tracked as CVE-2025-21043. The issue is serious on all major versions of Android, including 13, 14, 15, and 16. The vulnerability has a CVSS score of 8.8, making it a critical threat. It allows remote, unauthenticated attackers to run arbitrary code on vulnerable devices.
This still leaves the question of disclosure to Samsung, though. The bug is an out-of-bounds write in the libimagecodec.quram.so library. Quramsoft created this proprietary library for parsing images. It is at the very heart of support for almost every image format available on Android devices.
Understanding the Vulnerability
Most of the discussion of CVE-2025-21043 so far has focused on why it should have cybersecurity professionals sounding alarm bells. The out-of-bounds write may allow attackers to control memory in a way that results in arbitrary code execution. An unauthorized, remote attacker would be able to gain control of an affected device. That creates a very real threat of data breaches or even more damaging outcomes.
Samsung should be commended for recognizing the seriousness of this issue and for moving quickly to address it. In its statement, the company noted:
“Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.” – Samsung
This serves to underscore just how critical this vulnerability is, and how urgently users need to update their devices.
Previous Reports and Context
This vulnerability follows earlier, widely criticized problems in libimagecodec.quram.so. In 2020, Google Project Zero published a report highlighting multiple exploits associated with this library. It called out in particular vulnerabilities associated with the Multimedia Messaging Service (MMS). The report, titled “MMS Exploit, Part 1: Introduction to Qmage”, provided insight into how flaws in image processing libraries could be exploited.
The history of libimagecodec.quram.so makes this situation even more worrying for users and developers. Considering the library's past role in security debates, constant watchfulness will be required.
Recommended Actions for Users
In view of this vulnerability, users of potentially impacted Android devices should act quickly. Samsung promised to release updates to mitigate CVE-2025-21043. These fixes are planned for the next security maintenance release, in September 2025. Users are advised to update their devices as soon as updates become available to reduce the risk posed by this vulnerability.
Avoid downloading apps or media files from unverified sources. Failing to do so could leave you dangerously exposed, including to the exploitation of known vulnerabilities.