Описание
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).
Затрагиваемое ПО
Samsung Exynos 1080 firmwareSamsung Exynos 1080Samsung Exynos 1280 firmwareSamsung Exynos 1280Samsung Exynos 1330 firmwareSamsung Exynos 1330Samsung Exynos 1380 firmwareSamsung Exynos 1380Samsung Exynos 2100 firmwareSamsung Exynos 2100Samsung Exynos 2200 firmwareSamsung Exynos 2200Samsung Exynos 850 firmwareSamsung Exynos 850Samsung Exynos 9110 firmwareSamsung Exynos 9110Samsung Exynos 980 firmwareSamsung Exynos 980Samsung Exynos 9820 firmwareSamsung Exynos 9820Samsung Exynos 9825 firmwareSamsung Exynos 9825Samsung Exynos 990 firmwareSamsung Exynos 990Samsung Exynos modem 5123 firmware
CVSS
| Балл | 8.1 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://semiconductor.samsung.com/support/quality-support/product-security-updates/https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50805/https://semiconductor.samsung.com/support/quality-support/product-security-updates/https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50805/