Input validation error in Samsung products - CVE-2025-59439
Published: February 2, 2026
Vulnerability identifier: #VU122237
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-59439
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Samsung
Affected software:
Exynos 980
Exynos 850
Exynos 1080
Exynos 9110
Exynos W920
Exynos W930
Exynos W1000
Exynos Modem 5123
Exynos 990
Exynos 980
Exynos 850
Exynos 1080
Exynos 9110
Exynos W920
Exynos W930
Exynos W1000
Exynos Modem 5123
Exynos 990
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of NAS Registration messages. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
How to mitigate CVE-2025-59439
Install updates from vendor's website.