CVE-2025-62817
Received Received - Intake

NULL Pointer Dereference in Samsung Exynos Processors Causes DoS

Vulnerability report for CVE-2025-62817, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-03

Last updated on: 2026-03-10

Assigner: MITRE

Description

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-03
Last Modified
2026-03-10
Generated
2026-07-06
AI Q&A
2026-03-03
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 7 associated CPEs
Vendor Product Version / Range
samsung exynos_1280_firmware *
samsung exynos_1380_firmware *
samsung exynos_1480_firmware *
samsung exynos_1580_firmware *
samsung exynos_2200_firmware *
samsung exynos_2400_firmware *
samsung exynos_2500_firmware *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2025-62817 is a medium-severity vulnerability affecting Samsung Exynos processors, specifically models 1280, 1380, 1480, 1580, 2200, 2400, and 2500.'}, {'type': 'paragraph', 'content': 'The issue arises from a null pointer dereference of the variable "session->ncp_hdr_buf" within the function __pilot_parsing_ncp(), which leads to a denial of service (DoS) condition.'}, {'type': 'paragraph', 'content': 'This vulnerability is located in the Neural Processing Unit (NPU) component of the affected processors.'}] [1]

Impact Analysis

This vulnerability can cause a denial of service (DoS) condition on affected Samsung Exynos processors.

A denial of service means that the affected device or system may become unresponsive or crash due to the null pointer dereference issue.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-62817. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart