Authentication Bypass Vulnerability in Samsung Mobile Processors
CVE-2023-50804

5.3MEDIUM

Key Information:

Vendor: Samsung
Status: Exynos 9820 Firmware
Vendor: CVE Published:; 5 June 2024

What is CVE-2023-50804?

A vulnerability has been identified in the Samsung Mobile Processor series, particularly impacting the baseband software associated with various Exynos models. The issue arises from improper validation of format types specified by the NAS (Non-Access-Stratum) module, potentially allowing unauthorized access or actions by bypassing authentication processes. This presents a significant security risk for devices utilizing these processors.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2024