Man-in-the-Middle Vulnerability in Samsung Exynos Modem 5300
CVE-2024-28067

3.7LOW

Key Information:

Vendor: Samsung
Status: Exynos Modem 5300 Firmware
Vendor: CVE Published:; 9 July 2024

What is CVE-2024-28067?

A security flaw in the Samsung Exynos Modem 5300 enables a potential Man-in-the-Middle (MITM) attack. This vulnerability allows attackers to downgrade the security mode of communication packets directed towards the victim. As a result, sensitive messages can be transmitted in plaintext, exposing them to interception and misuse. This situation poses significant risks for users relying on affected devices for secure communications.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2024