At Pwn2Own Ireland 2025, cybersecurity researchers Ben R. and Georgi G. from Interrupt Labs showcased an impressive achievement by successfully exploiting a zero-day vulnerability in the Samsung Galaxy S25.
This allowed them to gain full control over the device, enabling them to activate the camera and track the user’s location.
The exploit, revealed on the event’s final day, highlights ongoing security challenges in flagship Android smartphones despite rigorous testing by manufacturers.
This breach underscores the high-stakes world of ethical hacking competitions, where vulnerabilities are disclosed responsibly to improve global device security.
The core issue exploited by the Interrupt Labs team stemmed from an improper input validation bug within the Galaxy S25’s software stack, allowing attackers to bypass safeguards and execute arbitrary code remotely.
Samsung Galaxy S25 0-Day Vulnerability
By crafting malicious inputs, the researchers demonstrated how an adversary could silently hijack the device without user interaction, a technique that evaded Samsung’s defenses during the live contest.
This vulnerability, undisclosed prior to the event, enabled persistent access, turning the premium smartphone into a surveillance tool capable of capturing photos, videos, and real-time GPS data.
Experts note that such flaws often arise in multimedia or system libraries, where rapid feature development outpaces security hardening.
For their sophisticated exploit chain, Ben R. and Georgi G. earned $50,000 in prize money along with 5 Master of Pwn points, contributing to the event’s massive $2 million total payout across 73 unique zero-days.
Pwn2Own, organized by the Zero Day Initiative, rewards participants for responsibly disclosing flaws, ensuring vendors like Samsung receive detailed reports for patching.
Samsung has yet to issue a specific statement on this Galaxy S25 exploit, but historical patterns suggest an imminent security update will address it, similar to recent fixes for other Android zero-days.
Users are advised to enable automatic updates and monitor official channels for patches, as unmitigated exploits could expose sensitive data in real-world attacks.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
