ГлавнаяУязвимости → CVE-2024-56426
7.5высокая

CVE-2024-56426

Описание

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.

Затрагиваемое ПО
Samsung Exynos 1080 firmwareSamsung Exynos 1080Samsung Exynos 1280 firmwareSamsung Exynos 1280Samsung Exynos 1330 firmwareSamsung Exynos 1330Samsung Exynos 1380 firmwareSamsung Exynos 1380Samsung Exynos 1480 firmwareSamsung Exynos 1480Samsung Exynos 2200 firmwareSamsung Exynos 2200Samsung Exynos 2400 firmwareSamsung Exynos 2400Samsung Exynos 850 firmwareSamsung Exynos 850Samsung Exynos 980 firmwareSamsung Exynos 980Samsung Exynos 990 firmwareSamsung Exynos 990Samsung Exynos 2100 firmwareSamsung Exynos 2100Samsung Exynos w1000 firmwareSamsung Exynos w1000Samsung Exynos w920 firmware
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://semiconductor.samsung.com/support/quality-support/product-security-updates/https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56426/