CVE-2024-29152

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information.

Se descubrió un problema en el procesador móvil, el procesador portátil, el procesador automotriz y el módem Samsung Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Módem 5123, Módem 5300, y Auto T5123. El software de banda base no verifica adecuadamente los estados especificados en el mensaje de reconfiguración de RRC (control de recursos de radio). Esto puede dar lugar a la divulgación de información confidencial.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-18 CVE Reserved
2024-06-04 CVE Published
2024-06-26 EPSS Updated
2024-10-27 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://semiconductor.samsung.com/support/quality-support/product-security-updates	2024-06-25

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Samsung Search vendor "Samsung"	Exynos 980 Firmware Search vendor "Samsung" for product "Exynos 980 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 980 Search vendor "Samsung" for product "Exynos 980"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 990 Firmware Search vendor "Samsung" for product "Exynos 990 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 990 Search vendor "Samsung" for product "Exynos 990"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 850 Firmware Search vendor "Samsung" for product "Exynos 850 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 850 Search vendor "Samsung" for product "Exynos 850"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1080 Firmware Search vendor "Samsung" for product "Exynos 1080 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1080 Search vendor "Samsung" for product "Exynos 1080"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 2100 Firmware Search vendor "Samsung" for product "Exynos 2100 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 2100 Search vendor "Samsung" for product "Exynos 2100"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 2200 Firmware Search vendor "Samsung" for product "Exynos 2200 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 2200 Search vendor "Samsung" for product "Exynos 2200"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1280 Firmware Search vendor "Samsung" for product "Exynos 1280 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1280 Search vendor "Samsung" for product "Exynos 1280"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1380 Firmware Search vendor "Samsung" for product "Exynos 1380 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1380 Search vendor "Samsung" for product "Exynos 1380"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 1330 Firmware Search vendor "Samsung" for product "Exynos 1330 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 1330 Search vendor "Samsung" for product "Exynos 1330"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 2400 Firmware Search vendor "Samsung" for product "Exynos 2400 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 2400 Search vendor "Samsung" for product "Exynos 2400"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos 9110 Firmware Search vendor "Samsung" for product "Exynos 9110 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos 9110 Search vendor "Samsung" for product "Exynos 9110"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos W920 Firmware Search vendor "Samsung" for product "Exynos W920 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos W920 Search vendor "Samsung" for product "Exynos W920"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos W930 Firmware Search vendor "Samsung" for product "Exynos W930 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos W930 Search vendor "Samsung" for product "Exynos W930"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Modem 5123 Firmware Search vendor "Samsung" for product "Exynos Modem 5123 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Modem 5123 Search vendor "Samsung" for product "Exynos Modem 5123"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Modem 5300 Firmware Search vendor "Samsung" for product "Exynos Modem 5300 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Modem 5300 Search vendor "Samsung" for product "Exynos Modem 5300"	-	-	Safe
Samsung Search vendor "Samsung"	Exynos Auto T5123 Firmware Search vendor "Samsung" for product "Exynos Auto T5123 Firmware"	-	-	Affected	in	Samsung Search vendor "Samsung"	Exynos Auto T5123 Search vendor "Samsung" for product "Exynos Auto T5123"	-	-	Safe