9.1критическая
CVE-2025-27891
Описание
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.
Затрагиваемое ПО
Samsung Exynos 980 firmwareSamsung Exynos 980Samsung Exynos 990 firmwareSamsung Exynos 990Samsung Exynos 850 firmwareSamsung Exynos 850Samsung Exynos 1080 firmwareSamsung Exynos 1080Samsung Exynos 2100 firmwareSamsung Exynos 2100Samsung Exynos 1280 firmwareSamsung Exynos 1280Samsung Exynos 2200 firmwareSamsung Exynos 2200Samsung Exynos 1330 firmwareSamsung Exynos 1330Samsung Exynos 1380 firmwareSamsung Exynos 1380Samsung Exynos 1480 firmwareSamsung Exynos 1480Samsung Exynos 2400 firmwareSamsung Exynos 2400Samsung Exynos w920 firmwareSamsung Exynos w920Samsung Exynos w930 firmware
CVSS
| Балл | 9.1 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
Источники
https://semiconductor.samsung.com/support/quality-support/product-security-updates/https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27891/