Samsung's zero-click vulnerability: The risk from a single photo.

CTVXNovember 12, 2025 10:51

A critical vulnerability allowed hackers to install the Landfall spyware on Samsung Galaxy S22, S23, and S24 phones simply through an image file sent via WhatsApp. Samsung has released a patch.

A critical security vulnerability in Samsung Galaxy phones allows hackers to take control of the device and steal sensitive data simply by sending an image file. This attack requires no user interaction, raising significant concerns about information security.

Security experts from Palo Alto Networks' Unit 42 have discovered a spyware campaign called "Landfall," which exploits a zero-day vulnerability in Samsung's software for approximately 10 months, from July 2024 to April 2025. Users are advised to update their software immediately to protect their devices.

How does the "zero-click" vulnerability work?

The Landfall campaign exploited a previously undisclosed security vulnerability, identified as CVE-2025-21042. This vulnerability allowed attackers to remotely execute malicious code simply by sending a specially crafted image through popular messaging applications such as WhatsApp.

Các điện thoại Samsung đang bị hacker lợi dụng tấn công dữ liệu
The security vulnerability allows hackers to access data on Samsung devices without user interaction.

This type of attack is classified as "zero-click," meaning the victim doesn't need to open, view, or interact with the image for the malware to be activated. Hackers simply send a DNG image file to the target. Once the device receives this file, the vulnerability is automatically exploited, allowing the attacker to access the device without the user's knowledge. This sophisticated method can easily bypass traditional security measures.

Level of impact and data at risk

The Landfall spyware targets specific Samsung models, including the Galaxy S22, S23, S24, and some devices in the Galaxy Z series. Devices running Android versions 13 through 15 are also at risk.

Bạn nên cẩn thận khi được người lạ gửi ảnh trên Whatapp
Users should exercise caution when receiving files, especially images, from unknown senders via messaging apps.

Once successfully installed, spyware can access and steal a large amount of personal data. Sensitive information that may be compromised includes:

  • Personal photos and videos
  • Text messages and emails
  • Contacts and call logs
  • Geographic location data
  • Record ambient sounds through the device's microphone.

The breach of such a large amount of data has raised significant concerns about user privacy and security, highlighting the potential risks associated with vulnerabilities in widely used technologies.

Samsung's solution and recommendations for users.

To counter this threat, Samsung released a security patch in April 2025. This update fixed the CVE-2025-21042 vulnerability, preventing the Landfall spyware exploit.

Samsung đã vá lỗ hổng bảo mật này trong bản cập nhật phần mềm mới nhất
Samsung has released a software update to patch this critical security vulnerability.

All users of the aforementioned Samsung devices are advised to check for and install the latest software update immediately. To do this, users can access the following link:Settings > Software Update > Download & Install.

0 0 0
x
Samsung's zero-click vulnerability: The risk from a single photo.
Google News
POWERED BYFREECMS- A PRODUCT OFNEKO