CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40353
https://notcve.org/view.php?id=CVE-2023-40353
08 Sep 2023 — An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application. Se ha detectado un problema en Exynos Mobile Processor 980 y 2100. Un desbordamiento de enteros en un índice de búfer puede impedir la ejecución de los servicios solicitados a través de una aplicación manipulada. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 24EXPL: 0CVE-2023-37367
https://notcve.org/view.php?id=CVE-2023-37367
08 Sep 2023 — An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages. Se descubrió un problema en el Procesador Móvil Samsung Exynos, el Procesador Automotive y el Módem ... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2023-37368
https://notcve.org/view.php?id=CVE-2023-37368
08 Sep 2023 — An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet. Se descub... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-37377
https://notcve.org/view.php?id=CVE-2023-37377
08 Sep 2023 — An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering. Se descubrió un problema en el Procesador Móvil Samsung Exynos y el Procesador Portátil (Exynos 980, Exynos 850, Exynos 2100 y Exynos W920). El manejo incorrecto de la incoherencia de los parámetros de longitud puede provocar un filtrado incorrecto de paquetes. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2023-36481
https://notcve.org/view.php?id=CVE-2023-36481
28 Aug 2023 — An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0CVE-2023-21517
https://notcve.org/view.php?id=CVE-2023-21517
28 Jun 2023 — Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=06 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31114
https://notcve.org/view.php?id=CVE-2023-31114
07 Jun 2023 — An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-669: Incorrect Resource Transfer Between Spheres •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31115
https://notcve.org/view.php?id=CVE-2023-31115
07 Jun 2023 — An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-669: Incorrect Resource Transfer Between Spheres •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31116
https://notcve.org/view.php?id=CVE-2023-31116
07 Jun 2023 — An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-29092 – wfc-pkt-router Incorrect Bind
https://notcve.org/view.php?id=CVE-2023-29092
05 May 2023 — An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface. wfc-pkt-router suffers from a vulnerability where it can wrongly bind to an external network interface instead of the VPN tunnel. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-755: Improper Handling of Exceptional Conditions •