CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46920
https://notcve.org/view.php?id=CVE-2024-46920
13 Jan 2025 — An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0CVE-2024-48883
https://notcve.org/view.php?id=CVE-2024-48883
13 Jan 2025 — An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2024-46921
https://notcve.org/view.php?id=CVE-2024-46921
13 Jan 2025 — An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading to a denial of service (battery-drain attack). • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46919
https://notcve.org/view.php?id=CVE-2024-46919
13 Jan 2025 — An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 18EXPL: 0CVE-2024-45184
https://notcve.org/view.php?id=CVE-2024-45184
11 Oct 2024 — An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-44068
https://notcve.org/view.php?id=CVE-2024-44068
07 Oct 2024 — An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 32EXPL: 0CVE-2023-50806
https://notcve.org/view.php?id=CVE-2023-50806
09 Jul 2024 — A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command. Se descubrió una vulnerabilidad en el procesador móvil, procesador portátil y módems de Samsung con versiones Exy... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2024-28068
https://notcve.org/view.php?id=CVE-2024-28068
09 Jul 2024 — A vulnerability was discovered in SS in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves a NULL pointer dereference which can cause abnormal termination of a mobile phone via a manipulated packet. Se descubrió una vulnerabilidad en SS en Proce... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2024-29153
https://notcve.org/view.php?id=CVE-2024-29153
09 Jul 2024 — A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS. Se descubrió una vulnerabilidad en el procesador móvil, ... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 26EXPL: 0CVE-2023-49927
https://notcve.org/view.php?id=CVE-2023-49927
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption. Se descubrió un problema en el procesador móvil Samsung, el procesador automotriz, el procesador portátil y el módem Exynos 980, 99... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-311: Missing Encryption of Sensitive Data CWE-331: Insufficient Entropy •