Improper Boundary Check in Eden Runtime HAL Service by Samsung
CVE-2022-23428

8.4HIGH

Key Information:

Vendor: Samsung
Status: Samsung Devices With Exynos Chipsets
Vendor: CVE Published:; 11 February 2022

What is CVE-2022-23428?

A vulnerability exists in Samsung's Eden Runtime HAL Service due to an improper boundary check. This flaw may allow an attacker to write to arbitrary memory locations and could lead to unauthorized code execution. It is crucial for users to ensure they are using the latest security updates to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Samsung Mobile Devices with Exynos chipsets Q(10.0), R(11.0), S(12.0) devices with selected Exynos chipsets

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

x_refsource_MISC

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2022
Vulnerability Reserved
Jan 18, 2022