Out-of-bounds Write Vulnerability in Samsung Wearable Processor and Modems
CVE-2023-50807

8.1HIGH

Key Information:

Vendor

Samsung
Status
Exynos 9110 Firmware
Vendor
CVE Published:
9 July 2024

What is CVE-2023-50807?

A security vulnerability has been identified in Samsung's Wearable Processor and Modems, specifically affecting models including the Exynos 9110, Exynos Modem 5123, and Exynos Modem 5300. This flaw allows out-of-bounds writes in the heap memory, posing risks without requiring authentication. Exploitation of this vulnerability may enable potential attackers to manipulate memory allocations, leading to unpredictable behavior or security breaches. Samsung has provided guidance on mitigating this issue through updates and security patches.

References

https://semiconductor.samsung.com/support/quality-support...
https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2023-50807 : Out-of-bounds Write Vulnerability in Samsung Wearable Processor and Modems