Samsung has started rolling out its monthly Android security update. The update fixes a serious zero-day security issue that was already being used in real attacks.
The flaw is tracked as CVE-2025-21043 and has a CVSS score of 8.8. It was caused by an out-of-bounds write in libimagecodec.quram.so, a library used for handling image formats. If not patched, it could allow attackers to run harmful code on a device.
Samsung confirmed that the problem affects Android 13, 14, 15, and 16. The company also said the issue was reported to them on August 13, 2025.
The library libimagecodec.quram.so is developed by Quramsoft and is not open-source. It has been used in Samsung phones for years to process images.
While Samsung did not reveal details of the ongoing attacks, it admitted that hackers have already used this flaw in the wild.
This update comes shortly after Google patched two other Android security issues — CVE-2025-38352 and CVE-2025-48543 — that were also exploited in targeted attacks.
If you are using a Samsung device, it is recommended to install the latest update as soon as it becomes available.
