Week 15 – One Text Away: The Samsung Exynos Zero-Click Threat

06-12 Apr 2026

A newly disclosed Samsung Exynos vulnerability allows attackers to compromise a device with nothing more than a malicious SMS. No clicks. No user interaction. Just one message.

A critical vulnerability with a CVSS score of 10 has been disclosed as CVE-2025-54328.

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.

What is RP-DATA

In simple terms, RP-DATA (Relay Protocol Data) is the low-level SMS packet that the modem processes before any message appears on the screen.
An RP-DATA message is a 3GPP-defined data unit used in mobile networks (GSM, UMTS, LTE) to transport SMS messages between a mobile station (phone) and the Service Center (SMSC). It carries the actual text content and signaling information, acting as the carrier for SMS transfer.
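
To illustrate the bug class named above, here is an added example (not Samsung's code and not taken from the advisory) of an RP-DATA parser that checks every length octet against both the bytes received and the fixed destination buffer before copying. The field order follows the RP-DATA layout in 3GPP TS 24.011; the buffer caps, error codes and sample bytes are assumptions constructed for this example, and the page does not say which field the real overflow involves.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Buffer caps picked for this example (assumptions, not from the advisory). */
enum { RP_ADDR_MAX = 11, RP_UD_MAX = 233 };
enum { RP_OK = 0, RP_TRUNCATED = -1, RP_TOO_LONG = -2, RP_TRAILING = -3 };

typedef struct {
    uint8_t mti, ref;
    uint8_t oa[RP_ADDR_MAX], da[RP_ADDR_MAX], ud[RP_UD_MAX];
    size_t oa_len, da_len, ud_len;
} rp_data_t;

/* Copy one length-prefixed field; the length octet comes from the sender. */
static int read_lv(const uint8_t *buf, size_t len, size_t *off,
                   uint8_t *dst, size_t cap, size_t *out_len) {
    if (*off >= len) return RP_TRUNCATED;     /* length octet missing */
    size_t n = buf[(*off)++];
    if (n > len - *off) return RP_TRUNCATED;  /* claims more than was received */
    if (n > cap) return RP_TOO_LONG;          /* would overrun the fixed buffer */
    memcpy(dst, buf + *off, n);
    *off += n;
    *out_len = n;
    return RP_OK;
}

int rp_data_parse(const uint8_t *buf, size_t len, rp_data_t *m) {
    size_t off = 2;
    int rc;
    if (len < 2) return RP_TRUNCATED;
    m->mti = buf[0] & 0x07;                   /* message type indicator */
    m->ref = buf[1];                          /* message reference */
    if ((rc = read_lv(buf, len, &off, m->oa, sizeof m->oa, &m->oa_len))) return rc;
    if ((rc = read_lv(buf, len, &off, m->da, sizeof m->da, &m->da_len))) return rc;
    if ((rc = read_lv(buf, len, &off, m->ud, sizeof m->ud, &m->ud_len))) return rc;
    return off == len ? RP_OK : RP_TRAILING;  /* reject unparsed trailing bytes */
}

/* Constructed inputs; the payload bytes are placeholders, not a real TPDU. */
const uint8_t msg_ok[]  = {0x01,0x2A, 0x04,0x91,0x21,0x43,0x65, 0x00, 0x03,0xAA,0xBB,0xCC};
const uint8_t msg_cut[] = {0x01,0x2B, 0x04,0x91,0x21};  /* address claims 4 bytes, 2 present */
const uint8_t msg_big[] = {0x01,0x2C, 0x0C,1,2,3,4,5,6,7,8,9,10,11,12, 0x00, 0x00};
rp_data_t out;                                /* scratch output for the demo */

int main(void) {
    printf("%d %d %d\n", rp_data_parse(msg_ok, sizeof msg_ok, &out),
           rp_data_parse(msg_cut, sizeof msg_cut, &out),
           rp_data_parse(msg_big, sizeof msg_big, &out));
}
```

Without the `n > cap` check, the third sample would copy 12 bytes into an 11-byte field, which is the kind of length-driven overrun a stack-based buffer overflow in a message parser comes down to.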

Why is it so critical?

Every affected device is exposed to remote attackers, who can compromise the targeted devices with a malformed SMS message which contains malicious code.
The attack vector is the processor itself, meaning the user won’t see anything suspicious.
Since the root problem is in the processor’s firmware, SIM card type and service provider are irrelevant to the attack’s success.

How can we mitigate this vulnerability?

If you were thinking of throwing away your SIM, please make installing the latest firmware update provided by Samsung your priority instead.

Vulnerabilities in the modem layer are rare, but when they appear, they bypass most traditional security controls. Keeping firmware updated is more critical than ever.

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54328/
https://cvefeed.io/vuln/detail/CVE-2025-54328
https://app.opencve.io/cve/CVE-2025-54328

White Hat IT Security is a Europe-based Managed Security Services Provider (MSSP) and proud Microsoft Solution Partner. Its Microsoft-verified managed security solutions (MXDR) reflect their deep expertise and commitment to excellence in cybersecurity. The company was awarded the Partner of the Year Hungary Award by Microsoft in 2024 and 2025.

With the largest incident response capacity in the CEE region, they’re trusted by organizations to deliver fast, effective, and proactive protection. Their portfolio includes penetration testing, vulnerability assessments, managed Cyber Threat Intelligence, as well as Governance, Risk and Compliance (GRC) consulting and specialized security training.

They are committed to supporting professional initiatives that aim to raise cybersecurity awareness and maturity—both for individuals and organizations. They regularly contribute to the community through knowledge sharing, education, and outreach, helping to build a safer digital future for all.