Implementation Error in Exynos Baseband by Samsung
CVE-2023-21467

4.6MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 3 September 2025

What is CVE-2023-21467?

An implementation error in the 3GPP specification within the Exynos baseband allows for improper handling of unencrypted messages. This flaw may lead to unauthorized access or disruption in communication for devices utilizing affected versions of the Exynos baseband.

Affected Version(s)

Samsung Mobile Devices SMR Apr-2023 Release in Select devices using Exynos chipsets

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Nov 14, 2022