Samsung patches critical CVE-2025-21043 Android vulnerability exploited in the wild

Samsung on Thursday said it has patched a critical remote code execution vulnerability in its Android devices, tracked as CVE-2025-21043. The flaw was disclosed earlier in August 2025 and was tied to the closed-source image parsing library libimagecodec.quram.so, developed by Quramsoft in Yongin, South Korea. The fix was delivered as part of Samsung’s September 2025 Security Maintenance Release.

The vulnerability is an out-of-bounds write that could allow attackers to execute malicious code on vulnerable devices by sending specially crafted image files. In practical terms, this is a zero-click attack: a user could be compromised without opening or downloading anything suspicious.

Quramsoft’s libimagecodec.quram.so is used by several messaging apps, meaning the impact could extend beyond Samsung’s own software. The company did not specify which apps were targeted, and security experts warned of continued risk until patches are widely installed.

Samsung’s September 2025 Security Maintenance Release includes patches from Google and Samsung’s semiconductor division, addressing a long list of high and critical flaws across Android 13 through Android 16. The update is available at Samsung’s security update page.

WhatsApp has also taken steps to strengthen its security posture, patching another serious flaw in August 2025 as part of ongoing efforts to harden mobile messaging apps.

Analysts, including Ms. Nivedita Murthy, Senior Staff Consultant at Black Duck, urged users to install the update promptly. “Keeping devices up to date is a fundamental aspect of basic security hygiene,” Murthy said.