CVSS: 5.5EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21495
https://notcve.org/view.php?id=CVE-2023-21495
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21496
https://notcve.org/view.php?id=CVE-2023-21496
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-489: Active Debug Code •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-21503
https://notcve.org/view.php?id=CVE-2023-21503
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21504
https://notcve.org/view.php?id=CVE-2023-21504
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-29085 – Shannon Baseband SIP Status Line Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-29085
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line. There is a stack buffer overflow in Shannon Baseband when processing the status line of a SIP message (this happens in IMSPL_SipStatusLine.c according to the debug strings in the firmware image). • http://packetstormsecurity.com/files/172288/Shannon-Baseband-SIP-Status-Line-Stack-Buffer-Overflow.html https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •