Memory Corruption Vulnerability in Samsung Exynos Processors and Modems
CVE-2023-29090

7.5HIGH

Key Information:

Vendor
Samsung
Status
Exynos 5300 Firmware
Vendor
CVE Published:
14 April 2023

Summary

A vulnerability has been identified in the Samsung Exynos Mobile Processor and Modem that may lead to memory corruption. This issue arises from inadequate validation of parameters during the decoding process of SIP Via headers. If exploited, this vulnerability could compromise the integrity of affected devices, enabling attackers to execute unauthorized actions. This affects various models, specifically the Exynos Modem 5123, Exynos Modem 5300, and other Exynos processors, emphasizing the need for prompt updates and patches.

References

https://semiconductor.samsung.com/support/quality-support...
http://packetstormsecurity.com/files/172287/Shannon-Baseb...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.