Heap-based Buffer Overflow Vulnerability in Samsung Mobile Chipset Products
CVE-2023-26074
9.8CRITICAL
What is CVE-2023-26074?
A heap-based buffer overflow vulnerability has been identified in Samsung's Mobile Chipset, specifically within the 5G MM message codec. This issue arises due to inadequate parameter validation when decoding operator-defined access category definitions across several Exynos chipsets, including the Exynos 850, 980, 1080, 1280, 2200, and their corresponding modem chipsets. Exploitation of this flaw could potentially allow unauthorized access or remote code execution, posing significant risks to device security.