CVE-2023-41112

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

Se descubrió un problema en Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300 y Auto T5123). Una copia del búfer, sin comprobar el tamaño de la entrada, puede provocar una terminación anormal de un teléfono móvil. Esto ocurre en la tarea RLC y en el módulo RLC.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-08-23 CVE Reserved
2023-11-08 CVE Published
2023-11-15 EPSS Updated
2024-09-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://semiconductor.samsung.com/support/quality-support/product-security-updates	2023-11-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Samsung Search vendor "Samsung"	Exynos 9810 Firmware Search vendor "Samsung" for product "Exynos 9810 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 9810 Search vendor "Samsung" for product "Exynos 9810"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 9610 Firmware Search vendor "Samsung" for product "Exynos 9610 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 9610 Search vendor "Samsung" for product "Exynos 9610"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 9820 Firmware Search vendor "Samsung" for product "Exynos 9820 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 9820 Search vendor "Samsung" for product "Exynos 9820"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 980 Firmware Search vendor "Samsung" for product "Exynos 980 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 980 Search vendor "Samsung" for product "Exynos 980"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 850 Firmware Search vendor "Samsung" for product "Exynos 850 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 850 Search vendor "Samsung" for product "Exynos 850"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1080 Firmware Search vendor "Samsung" for product "Exynos 1080 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1080 Search vendor "Samsung" for product "Exynos 1080"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 2100 Firmware Search vendor "Samsung" for product "Exynos 2100 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 2100 Search vendor "Samsung" for product "Exynos 2100"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 2200 Firmware Search vendor "Samsung" for product "Exynos 2200 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 2200 Search vendor "Samsung" for product "Exynos 2200"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1280 Firmware Search vendor "Samsung" for product "Exynos 1280 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1280 Search vendor "Samsung" for product "Exynos 1280"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1380 Firmware Search vendor "Samsung" for product "Exynos 1380 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1380 Search vendor "Samsung" for product "Exynos 1380"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1330 Firmware Search vendor "Samsung" for product "Exynos 1330 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1330 Search vendor "Samsung" for product "Exynos 1330"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 9110 Firmware Search vendor "Samsung" for product "Exynos 9110 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 9110 Search vendor "Samsung" for product "Exynos 9110"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos W920 Firmware Search vendor "Samsung" for product "Exynos W920 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos W920 Search vendor "Samsung" for product "Exynos W920"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Modem 5123 Firmware Search vendor "Samsung" for product "Exynos Modem 5123 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Modem 5123 Search vendor "Samsung" for product "Exynos Modem 5123"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Modem 5300 Firmware Search vendor "Samsung" for product "Exynos Modem 5300 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Modem 5300 Search vendor "Samsung" for product "Exynos Modem 5300"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Auto T5123 Firmware Search vendor "Samsung" for product "Exynos Auto T5123 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Auto T5123 Search vendor "Samsung" for product "Exynos Auto T5123"	-	-	Safe