Out-of-Bounds Write Vulnerability in Samsung Mobile and Wearable Processors
CVE-2023-50805

8.1HIGH

Key Information:

Vendor

Samsung
Status
Exynos 1080 Firmware
Vendor
CVE Published:
9 July 2024

What is CVE-2023-50805?

A vulnerability exists in specific Samsung Mobile and Wearable Processors that allows for an out-of-bounds write condition in the heap memory, particularly within the context of 2G communications. This flaw could potentially be exploited without authentication, leading to unauthorized access or manipulation. The impacted models include a range from Exynos 980 to Exynos 2200 and various modems, making it crucial for users and administrators to apply security updates promptly to mitigate risks.

References

https://semiconductor.samsung.com/support/quality-support...
https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.