CVE-2021-25487

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: March 5, 2026
VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24
2.68%
probability
This CVE has a 2.68% probability of being exploited in the next 30 days.
0% Top 86.0th percentile of all CVEs 100%
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero
Arbitrary code execution via OOB read in modem interface driver

Attack Intelligence

Google Project Zero

Discovered
July 26, 2021
Patched
Oct. 1, 2021
Reported by
???
Root Cause Analysis
???

Signal Intelligence

Confidence
95%
EPSS 2.68%
Mentions 0

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026