Galaxy security updates in April: Samsung closes critical vulnerabilities
Samsung closes 47 vulnerabilities on Galaxy smartphones with the April security update. 14 of them are critical; four others, classified as high, affect Exynos chips.
Samsung has been distributing important security patches for numerous Galaxy smartphones since April 7. The update should be rolled out gradually to all models still supported by the manufacturer. Samsung classifies 14 of the 47 patched security vulnerabilities as “critical.”
As the company writes on its security updates website, some of the patches come from Google and are listed in the April 2026 security bulletin. Other patches, however, only affect Samsung devices. Among other things, attackers are said to be able to target Android smartphones through the vulnerabilities and cause devices to crash. In addition, unauthorized access to cryptographic keys that are supposed to be isolated is said to be possible. It is therefore advisable to install the patches as soon as they are offered.
More vulnerabilities in Exynos chips
Four vulnerabilities classified as high (CVE-2025-52908, CVE-2025-52909, CVE-2025-54601, CVE-2025-54602) affect the Exynos chips from Samsung's semiconductor division. Consequently, devices with Qualcomm or MediaTek chips are not affected. Flaws at the hardware level can, under certain circumstances, undermine the entire security architecture of a device if they remain unpatched. In addition to patches from Google and Samsung's semiconductor division, the company is providing ten further SVE entries (Samsung Vulnerabilities and Exposures) with the security patch to seal the system.
Samsung classifies three of the SVEs as “high,” while the others are “moderate.” Among other things, the vulnerabilities classified as high allow attackers with physical access to the device to bypass “Knox Guard” because of faulty checking of exceptional conditions in “Device Care” (SVE-2025-2188 (CVE-2026-21007)). Another vulnerability (SVE-2025-2589 (CVE-2026-21010)) allows local attackers to trigger functions with elevated privileges in retail mode. The third vulnerability classified as high allows physical attackers to bypass restrictions because of faulty validation of input data for network restrictions (SVE-2026-0775 (CVE-2026-21003)). Many of the vulnerabilities affect Android versions 14, 15, and 16.
(afl)