Exynos Mobile and Wearable Processors Vulnerability in Samsung Products
CVE-2023-49927

5.3MEDIUM

Key Information:

Vendor: Samsung
Status: Exynos 9820 Firmware
Vendor: CVE Published:; 5 June 2024

What is CVE-2023-49927?

A vulnerability has been identified in Samsung's Exynos processor line, specifically impacting mobile processors and wearable devices. The issue arises from insufficient verification of format types within the baseband software related to the Radio Resource Control (RRC). This flaw may compromise encryption security, potentially exposing sensitive data. Affected products include a range of Exynos chips, from older models like the Exynos 9110 to newer ones like the Exynos 2200. Users and developers should take immediate action to safeguard against possible exploitation.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2024