CISA points Samsung smartphone safety replace warning.
SOPA Photos/LightRocket by way of Getty Photos
Following the current affirmation that hackers exploited a vital zero-day vulnerability in Samsung’s Android picture processing library to put in Landfall smartphone spyware throughout assaults, America’s Cyber Protection Company, and the U.S. nationwide coordinator for vital infrastructure safety and resilience, CISA, has urged all organisations to replace as quickly as potential. Some federal businesses have a compulsory obligation to replace inside 21 days.
Guarantee Your Samsung Is Up to date In opposition to CVE-2025-21042
As I reported on November 8, attackers have been confirmed as being profitable in utilizing a zero-day vulnerability inside the Samsung Android picture processing library, CVE-2025-21042, to put in spyware and adware on smartphones.
Safety researchers from the Palo Alto Networks Unit 42 group printed an in-depth analysis of the assaults, detailing how CVE-2025-21042 was exploited within the wild earlier than being patched by Samsung in April. This was no peculiar malware, both; this was commercial-grade spyware and adware of the very best order. It’s understood that the assaults began as early as July 2024, and had been in operation for months till lastly being patched by Samsung.
Unit 42 stated that CVE-2025-21042 was not the primary and is unlikely to be the final vulnerability that may be exploited by LandFall or comparable spyware and adware exploits. I’ve approached Samsung for an announcement.
Replace Your Samsung Units Now, By Order Of CISA
In case you have already utilized that replace, sit again and loosen up — you might be totally coated towards any danger from this Landfall assault. Nevertheless, in case you are amongst these organizations who haven’t, for no matter cause, then CISA needs to have an pressing phrase: replace now. OK, two phrases, however you get the thought.
CISA has added CVE-2025-21042 flaw to the Recognized Exploited Vulnerabilities catalog, which suggests it’s now formally flagged as actively exploited, and Federal Civilian Govt Department businesses are legally mandated to safe their Samsung gadgets inside 21 days or cease utilizing them.
“Though BOD 22-01 solely applies to FCEB businesses,” CISA said, “CISA strongly urges all organizations to cut back their publicity to cyberattacks by prioritizing well timed remediation of KEV Catalog vulnerabilities as a part of their vulnerability administration observe.” So, Samsung customers, you recognize what to do and when to do it. What are you ready for?
