Samsung Exynos Processors Vulnerable to Denial of Service Attack
CVE-2024-39343

7HIGH

Key Information:

Vendor: Samsung
Status: Exynos 2100 Firmware
Vendor: CVE Published:; 2 December 2024

What is CVE-2024-39343?

A vulnerability identified in Samsung's Exynos mobile and wearable processors, specifically in the MM (Mobility Management) module of the baseband software, permits an improper validation of length checks. This oversight could potentially lead to a Denial of Service, affecting the operation of devices utilizing the Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, along with Modem 5123 and Modem 5300. Users of these processors should be aware of this security flaw and take appropriate measures to mitigate any risks associated with its exploitation.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2024
Vulnerability Reserved
Jun 24, 2024