Integer Overflow Vulnerability in Exynos Mobile Processors by Samsung
CVE-2023-40353

2LOW

Key Information:

Vendor: Samsung
Status: Exynos 980 Firmware
Vendor: CVE Published:; 8 September 2023

What is CVE-2023-40353?

A vulnerability has been identified in Samsung's Exynos Mobile Processor series, specifically affecting the Exynos 980 and 2100 models. This integer overflow issue at a buffer index can potentially disrupt the execution of intended services when targeted by a crafted application. Malicious actors could exploit this vulnerability to gain unauthorized control over the impacted devices, resulting in compromised systems and user data.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2023
Vulnerability Reserved
Aug 14, 2023