Improper Resource Binding in Exynos Mobile Processor and Modem
CVE-2023-29092

7.8HIGH

Key Information:

Vendor: Samsung
Status: Exynos 5123 Firmware
Vendor: CVE Published:; 9 May 2023

What is CVE-2023-29092?

A vulnerability has been identified within the Exynos Mobile Processor and Modem that arises from improper parameter handling during the binding of network interfaces. This improper resource binding can expose devices utilizing specific Exynos modem variants to potential security risks, highlighting the need for immediate attention from affected users and system administrators to ensure security measures are in place.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2023
Vulnerability Reserved
Mar 31, 2023

Samsung

What is CVE-2023-29092?

References

CVSS V3.1

Timeline