CVE Daily – Samsung Mobile (High+Critical) https://cvedaily.com/pages/tags/samsung-mobile.html CVE Daily – Samsung Mobile (High+Critical) en Wed, 03 Jun 2026 21:26:52 +0000 [High] CVE-2025-66369 – An issue was discovered in MM in Samsung Mobile Processor, Wearable Processor, a... https://nvd.nist.gov/vuln/detail/CVE-2025-66369 https://nvd.nist.gov/vuln/detail/CVE-2025-66369 Tue, 05 May 2026 16:16:10 +0000 High CVE-2025-66369

An issue was discovered in MM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, W920, W930, W1000, Modem 5123, and Modem 5300. Incorrect handling of 5G NR NAS registration accept messages leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-770

View on NVD

]]> [Critical] CVE-2025-52908 – An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear... https://nvd.nist.gov/vuln/detail/CVE-2025-52908 https://nvd.nist.gov/vuln/detail/CVE-2025-52908 Tue, 07 Apr 2026 16:16:23 +0000 Critical CVE-2025-52908

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2.

CVSS: 9.8 · CWE: CWE-120

View on NVD

]]> [Critical] CVE-2025-62818 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2025-62818 https://nvd.nist.gov/vuln/detail/CVE-2025-62818 Tue, 07 Apr 2026 15:17:34 +0000 Critical CVE-2025-62818

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet.

CVSS: 9.8 · CWE: CWE-787

View on NVD

]]> [Critical] CVE-2025-52909 – An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear... https://nvd.nist.gov/vuln/detail/CVE-2025-52909 https://nvd.nist.gov/vuln/detail/CVE-2025-52909 Tue, 07 Apr 2026 15:17:32 +0000 Critical CVE-2025-52909

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2.

CVSS: 9.8 · CWE: CWE-120

View on NVD

]]> [High] CVE-2025-54601 – An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wear... https://nvd.nist.gov/vuln/detail/CVE-2025-54601 https://nvd.nist.gov/vuln/detail/CVE-2025-54601 Mon, 06 Apr 2026 21:16:19 +0000 High CVE-2025-54601

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a double free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.

CVSS: 7.0 · CWE: CWE-362

View on NVD

]]> [High] CVE-2025-57834 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2025-57834 https://nvd.nist.gov/vuln/detail/CVE-2025-57834 Mon, 06 Apr 2026 20:16:20 +0000 High CVE-2025-57834

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410). The absence of proper input validation leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-20

View on NVD

]]> [High] CVE-2025-54602 – An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wear... https://nvd.nist.gov/vuln/detail/CVE-2025-54602 https://nvd.nist.gov/vuln/detail/CVE-2025-54602 Mon, 06 Apr 2026 20:16:20 +0000 High CVE-2025-54602

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a use-after-free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads.

CVSS: 7.0 · CWE: CWE-362

View on NVD

]]> [Critical] CVE-2025-54328 – An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-54328 https://nvd.nist.gov/vuln/detail/CVE-2025-54328 Mon, 06 Apr 2026 20:16:20 +0000 Critical CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.

CVSS: 10.0 · CWE: CWE-121

View on NVD

]]> [Critical] CVE-2025-58349 – An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, a... https://nvd.nist.gov/vuln/detail/CVE-2025-58349 https://nvd.nist.gov/vuln/detail/CVE-2025-58349 Mon, 06 Apr 2026 19:16:26 +0000 Critical CVE-2025-58349

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes.

CVSS: 9.1 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-54324 – An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-54324 https://nvd.nist.gov/vuln/detail/CVE-2025-54324 Mon, 06 Apr 2026 19:16:26 +0000 High CVE-2025-54324

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect Handling of a DL NAS Transport packet leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-59440 – An issue was discovered in USIM in Samsung Mobile Processor, Wearable Processor,... https://nvd.nist.gov/vuln/detail/CVE-2025-59440 https://nvd.nist.gov/vuln/detail/CVE-2025-59440 Mon, 06 Apr 2026 18:16:40 +0000 High CVE-2025-59440

An issue was discovered in USIM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper handling of SIM card proactive commands leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-57835 – An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-57835 https://nvd.nist.gov/vuln/detail/CVE-2025-57835 Mon, 06 Apr 2026 18:16:40 +0000 High CVE-2025-57835

An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper memory initialization results in an illegal memory access, causing a system crash via a malformed RRCReconfiguration message.

CVSS: 7.5 · CWE: CWE-20

View on NVD

]]> [High] CVE-2025-62817 – An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 148... https://nvd.nist.gov/vuln/detail/CVE-2025-62817 https://nvd.nist.gov/vuln/detail/CVE-2025-62817 Tue, 03 Mar 2026 17:16:17 +0000 High CVE-2025-62817

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2025-66363 – An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There wa... https://nvd.nist.gov/vuln/detail/CVE-2025-66363 https://nvd.nist.gov/vuln/detail/CVE-2025-66363 Tue, 03 Mar 2026 16:16:17 +0000 High CVE-2025-66363

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.

CVSS: 7.5 · CWE: CWE-665

View on NVD

]]> [High] CVE-2025-62814 – An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 148... https://nvd.nist.gov/vuln/detail/CVE-2025-62814 https://nvd.nist.gov/vuln/detail/CVE-2025-62814 Tue, 03 Mar 2026 16:16:17 +0000 High CVE-2025-62814

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2025-58107 – In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on ... https://nvd.nist.gov/vuln/detail/CVE-2025-58107 https://nvd.nist.gov/vuln/detail/CVE-2025-58107 Mon, 02 Mar 2026 15:16:31 +0000 High CVE-2025-58107

In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password.

CVSS: 7.5 · CWE: CWE-319

View on NVD

]]> [High] CVE-2025-59439 – An issue was discovered in Samsung Mobile Processor, Wearable Processor and Mode... https://nvd.nist.gov/vuln/detail/CVE-2025-59439 https://nvd.nist.gov/vuln/detail/CVE-2025-59439 Tue, 03 Feb 2026 18:16:14 +0000 High CVE-2025-59439

An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-53966 – An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and... https://nvd.nist.gov/vuln/detail/CVE-2025-53966 https://nvd.nist.gov/vuln/detail/CVE-2025-53966 Mon, 05 Jan 2026 19:15:56 +0000 High CVE-2025-53966

An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message.

CVSS: 8.4 · CWE: CWE-120

View on NVD

]]> [High] CVE-2025-49495 – An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 13... https://nvd.nist.gov/vuln/detail/CVE-2025-49495 https://nvd.nist.gov/vuln/detail/CVE-2025-49495 Mon, 05 Jan 2026 19:15:56 +0000 High CVE-2025-49495

An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow.

CVSS: 8.4 · CWE: CWE-120

View on NVD

]]> [High] CVE-2025-43706 – An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, a... https://nvd.nist.gov/vuln/detail/CVE-2025-43706 https://nvd.nist.gov/vuln/detail/CVE-2025-43706 Mon, 05 Jan 2026 19:15:56 +0000 High CVE-2025-43706

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [Critical] CVE-2025-27807 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2025-27807 https://nvd.nist.gov/vuln/detail/CVE-2025-27807 Mon, 05 Jan 2026 19:15:55 +0000 Critical CVE-2025-27807

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.

CVSS: 9.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-52519 – An issue was discovered in the Camera in Samsung Mobile Processor and Wearable P... https://nvd.nist.gov/vuln/detail/CVE-2025-52519 https://nvd.nist.gov/vuln/detail/CVE-2025-52519 Mon, 05 Jan 2026 17:15:45 +0000 High CVE-2025-52519

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service.

CVSS: 7.1 · CWE: CWE-20

View on NVD

]]> [High] CVE-2025-54326 – An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 22... https://nvd.nist.gov/vuln/detail/CVE-2025-54326 https://nvd.nist.gov/vuln/detail/CVE-2025-54326 Wed, 03 Dec 2025 17:15:52 +0000 High CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [Critical] CVE-2025-52910 – An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Proc... https://nvd.nist.gov/vuln/detail/CVE-2025-52910 https://nvd.nist.gov/vuln/detail/CVE-2025-52910 Tue, 04 Nov 2025 21:15:37 +0000 Critical CVE-2025-52910

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.

CVSS: 9.8 · CWE: CWE-416

View on NVD

]]> [High] CVE-2024-56426 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-56426 https://nvd.nist.gov/vuln/detail/CVE-2024-56426 Tue, 04 Nov 2025 21:15:33 +0000 High CVE-2024-56426

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.

CVSS: 7.5 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-49494 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2025-49494 https://nvd.nist.gov/vuln/detail/CVE-2025-49494 Tue, 04 Nov 2025 20:17:15 +0000 High CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-54334 – An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 128... https://nvd.nist.gov/vuln/detail/CVE-2025-54334 https://nvd.nist.gov/vuln/detail/CVE-2025-54334 Tue, 04 Nov 2025 19:17:11 +0000 High CVE-2025-54334

An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the __npu_vertex_bootup function.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2025-52513 – An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A r... https://nvd.nist.gov/vuln/detail/CVE-2025-52513 https://nvd.nist.gov/vuln/detail/CVE-2025-52513 Tue, 04 Nov 2025 19:17:11 +0000 High CVE-2025-52513

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.

CVSS: 7.5 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-52512 – An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A r... https://nvd.nist.gov/vuln/detail/CVE-2025-52512 https://nvd.nist.gov/vuln/detail/CVE-2025-52512 Tue, 04 Nov 2025 19:17:11 +0000 High CVE-2025-52512

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial of service.

CVSS: 7.5 · CWE: CWE-125

View on NVD

]]> [High] CVE-2025-54332 – An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through J... https://nvd.nist.gov/vuln/detail/CVE-2025-54332 https://nvd.nist.gov/vuln/detail/CVE-2025-54332 Tue, 04 Nov 2025 17:16:22 +0000 High CVE-2025-54332

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2025-54329 – An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-54329 https://nvd.nist.gov/vuln/detail/CVE-2025-54329 Tue, 04 Nov 2025 17:16:22 +0000 High CVE-2025-54329

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message (including an SMS message) lacks bounds checking, which can lead to a heap overflow.

CVSS: 7.5 · CWE: CWE-122

View on NVD

]]> [High] CVE-2025-54323 – An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 99... https://nvd.nist.gov/vuln/detail/CVE-2025-54323 https://nvd.nist.gov/vuln/detail/CVE-2025-54323 Tue, 04 Nov 2025 17:16:22 +0000 High CVE-2025-54323

An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing leads to information leakage.

CVSS: 7.5 · CWE: CWE-200

View on NVD

]]> [High] CVE-2025-26782 – An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, a... https://nvd.nist.gov/vuln/detail/CVE-2025-26782 https://nvd.nist.gov/vuln/detail/CVE-2025-26782 Mon, 20 Oct 2025 16:15:36 +0000 High CVE-2025-26782

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2025-26781 – An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, a... https://nvd.nist.gov/vuln/detail/CVE-2025-26781 https://nvd.nist.gov/vuln/detail/CVE-2025-26781 Mon, 20 Oct 2025 16:15:36 +0000 High CVE-2025-26781

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-20

View on NVD

]]> [High] CVE-2024-55568 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2024-55568 https://nvd.nist.gov/vuln/detail/CVE-2024-55568 Mon, 20 Oct 2025 16:15:36 +0000 High CVE-2024-55568

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an attacker sends malformed MM packets to the target.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [Critical] CVE-2025-47202 – In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 99... https://nvd.nist.gov/vuln/detail/CVE-2025-47202 https://nvd.nist.gov/vuln/detail/CVE-2025-47202 Mon, 07 Jul 2025 16:15:23 +0000 Critical CVE-2025-47202

In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.

CVSS: 9.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-26780 – An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 ... https://nvd.nist.gov/vuln/detail/CVE-2025-26780 https://nvd.nist.gov/vuln/detail/CVE-2025-26780 Mon, 07 Jul 2025 16:15:22 +0000 High CVE-2025-26780

An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.

CVSS: 7.5 · CWE: CWE-20

View on NVD

]]> [High] CVE-2025-23100 – An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 148... https://nvd.nist.gov/vuln/detail/CVE-2025-23100 https://nvd.nist.gov/vuln/detail/CVE-2025-23100 Tue, 03 Jun 2025 20:15:21 +0000 High CVE-2025-23100

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2025-23098 – An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100,... https://nvd.nist.gov/vuln/detail/CVE-2025-23098 https://nvd.nist.gov/vuln/detail/CVE-2025-23098 Tue, 03 Jun 2025 20:15:21 +0000 High CVE-2025-23098

An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS: 7.8 · CWE: CWE-416

View on NVD

]]> [Critical] CVE-2025-23097 – An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a l... https://nvd.nist.gov/vuln/detail/CVE-2025-23097 https://nvd.nist.gov/vuln/detail/CVE-2025-23097 Tue, 03 Jun 2025 20:15:20 +0000 Critical CVE-2025-23097

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.

CVSS: 9.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-23102 – An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100,... https://nvd.nist.gov/vuln/detail/CVE-2025-23102 https://nvd.nist.gov/vuln/detail/CVE-2025-23102 Tue, 03 Jun 2025 19:15:38 +0000 High CVE-2025-23102

An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation.

CVSS: 8.8 · CWE: CWE-415

View on NVD

]]> [High] CVE-2025-23107 – An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The la... https://nvd.nist.gov/vuln/detail/CVE-2025-23107 https://nvd.nist.gov/vuln/detail/CVE-2025-23107 Tue, 03 Jun 2025 17:15:21 +0000 High CVE-2025-23107

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS: 8.6 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-23103 – An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The la... https://nvd.nist.gov/vuln/detail/CVE-2025-23103 https://nvd.nist.gov/vuln/detail/CVE-2025-23103 Tue, 03 Jun 2025 16:15:23 +0000 High CVE-2025-23103

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS: 8.6 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-23105 – An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400... https://nvd.nist.gov/vuln/detail/CVE-2025-23105 https://nvd.nist.gov/vuln/detail/CVE-2025-23105 Mon, 02 Jun 2025 19:15:26 +0000 High CVE-2025-23105

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS: 7.8 · CWE: CWE-276

View on NVD

]]> [Critical] CVE-2025-23099 – An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The la... https://nvd.nist.gov/vuln/detail/CVE-2025-23099 https://nvd.nist.gov/vuln/detail/CVE-2025-23099 Mon, 02 Jun 2025 19:15:26 +0000 Critical CVE-2025-23099

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

CVSS: 9.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-49196 – An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2... https://nvd.nist.gov/vuln/detail/CVE-2024-49196 https://nvd.nist.gov/vuln/detail/CVE-2024-49196 Tue, 27 May 2025 17:15:25 +0000 High CVE-2024-49196

An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-843

View on NVD

]]> [Critical] CVE-2025-27891 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2025-27891 https://nvd.nist.gov/vuln/detail/CVE-2025-27891 Wed, 14 May 2025 21:15:58 +0000 Critical CVE-2025-27891

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.

CVSS: 9.1 · CWE: CWE-125

View on NVD

]]> [High] CVE-2025-26783 – An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-26783 https://nvd.nist.gov/vuln/detail/CVE-2025-26783 Wed, 14 May 2025 21:15:58 +0000 High CVE-2025-26783

An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2024-55569 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2024-55569 https://nvd.nist.gov/vuln/detail/CVE-2024-55569 Wed, 14 May 2025 21:15:57 +0000 High CVE-2024-55569

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

CVSS: 7.5 · CWE: CWE-787

View on NVD

]]> [High] CVE-2025-26785 – An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2025-26785 https://nvd.nist.gov/vuln/detail/CVE-2025-26785 Wed, 14 May 2025 17:15:47 +0000 High CVE-2025-26785

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

CVSS: 7.5 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-50600 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-50600 https://nvd.nist.gov/vuln/detail/CVE-2024-50600 Thu, 06 Mar 2025 19:15:26 +0000 High CVE-2024-50600

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the target through the Wi-Fi driver.

CVSS: 7.5 · CWE: CWE-125

View on NVD

]]> [High] CVE-2024-52924 – An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor,... https://nvd.nist.gov/vuln/detail/CVE-2024-52924 https://nvd.nist.gov/vuln/detail/CVE-2024-52924 Thu, 06 Mar 2025 18:15:41 +0000 High CVE-2024-52924

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack

CVSS: 7.5 · CWE: CWE-121

View on NVD

]]> [High] CVE-2024-52923 – An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor,... https://nvd.nist.gov/vuln/detail/CVE-2024-52923 https://nvd.nist.gov/vuln/detail/CVE-2024-52923 Thu, 06 Mar 2025 18:15:41 +0000 High CVE-2024-52923

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service.

CVSS: 7.5 · CWE: CWE-119

View on NVD

]]> [High] CVE-2024-46923 – An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400... https://nvd.nist.gov/vuln/detail/CVE-2024-46923 https://nvd.nist.gov/vuln/detail/CVE-2024-46923 Wed, 12 Feb 2025 22:15:39 +0000 High CVE-2024-46923

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.

CVSS: 7.5 · CWE: CWE-400

View on NVD

]]> [High] CVE-2024-46922 – An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The ab... https://nvd.nist.gov/vuln/detail/CVE-2024-46922 https://nvd.nist.gov/vuln/detail/CVE-2024-46922 Wed, 12 Feb 2025 22:15:39 +0000 High CVE-2024-46922

An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.

CVSS: 7.5 · CWE: CWE-476

View on NVD

]]> [High] CVE-2024-39890 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2024-39890 https://nvd.nist.gov/vuln/detail/CVE-2024-39890 Mon, 02 Dec 2024 21:15:10 +0000 High CVE-2024-39890

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.

CVSS: 8.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-39343 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-39343 https://nvd.nist.gov/vuln/detail/CVE-2024-39343 Mon, 02 Dec 2024 20:15:06 +0000 High CVE-2024-39343

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.

CVSS: 7.0 · CWE: CWE-1284

View on NVD

]]> [High] CVE-2024-44068 – An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and... https://nvd.nist.gov/vuln/detail/CVE-2024-44068 https://nvd.nist.gov/vuln/detail/CVE-2024-44068 Mon, 07 Oct 2024 19:15:09 +0000 High CVE-2024-44068

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation.

CVSS: 8.1 · CWE: CWE-416

View on NVD

]]> [High] CVE-2024-31960 – An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. Th... https://nvd.nist.gov/vuln/detail/CVE-2024-31960 https://nvd.nist.gov/vuln/detail/CVE-2024-31960 Tue, 10 Sep 2024 16:15:19 +0000 High CVE-2024-31960

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free.

CVSS: 7.8 · CWE: CWE-416

View on NVD

]]> [High] CVE-2024-29153 – A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2024-29153 https://nvd.nist.gov/vuln/detail/CVE-2024-29153 Tue, 09 Jul 2024 20:15:10 +0000 High CVE-2024-29153

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to dow…

CVSS: 8.1 · CWE: CWE-400

View on NVD

]]> [High] CVE-2023-50806 – A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2023-50806 https://nvd.nist.gov/vuln/detail/CVE-2023-50806 Tue, 09 Jul 2024 19:15:10 +0000 High CVE-2023-50806

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command.

CVSS: 8.4 · CWE: CWE-125

View on NVD

]]> [High] CVE-2023-50805 – A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, ... https://nvd.nist.gov/vuln/detail/CVE-2023-50805 https://nvd.nist.gov/vuln/detail/CVE-2023-50805 Tue, 09 Jul 2024 19:15:10 +0000 High CVE-2023-50805

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

CVSS: 8.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-32504 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-32504 https://nvd.nist.gov/vuln/detail/CVE-2024-32504 Thu, 13 Jun 2024 17:15:50 +0000 High CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability.

CVSS: 8.4 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-31956 – An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Ex... https://nvd.nist.gov/vuln/detail/CVE-2024-31956 https://nvd.nist.gov/vuln/detail/CVE-2024-31956 Thu, 13 Jun 2024 17:15:49 +0000 High CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.

CVSS: 8.4 · CWE: CWE-787

View on NVD

]]> [High] CVE-2024-32502 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-32502 https://nvd.nist.gov/vuln/detail/CVE-2024-32502 Fri, 07 Jun 2024 17:15:50 +0000 High CVE-2024-32502

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result in a UAF (Use-After-Free) vulnerability.

CVSS: 8.4 · CWE: CWE-416

View on NVD

]]> [High] CVE-2024-31959 – An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Ex... https://nvd.nist.gov/vuln/detail/CVE-2024-31959 https://nvd.nist.gov/vuln/detail/CVE-2024-31959 Fri, 07 Jun 2024 17:15:50 +0000 High CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution.

CVSS: 8.4 · CWE: CWE-20

View on NVD

]]> [High] CVE-2024-32503 – An issue was discovered in Samsung Mobile Processor and Wearable Processor Exyno... https://nvd.nist.gov/vuln/detail/CVE-2024-32503 https://nvd.nist.gov/vuln/detail/CVE-2024-32503 Fri, 07 Jun 2024 16:15:10 +0000 High CVE-2024-32503

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability.

CVSS: 8.4 · CWE: CWE-416

View on NVD

]]> [High] CVE-2023-49928 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Mod... https://nvd.nist.gov/vuln/detail/CVE-2023-49928 https://nvd.nist.gov/vuln/detail/CVE-2023-49928 Wed, 05 Jun 2024 19:15:11 +0000 High CVE-2023-49928

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information.

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [High] CVE-2023-41112 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automot... https://nvd.nist.gov/vuln/detail/CVE-2023-41112 https://nvd.nist.gov/vuln/detail/CVE-2023-41112 Wed, 08 Nov 2023 08:15:09 +0000 High CVE-2023-41112

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

CVSS: 7.1 · CWE: CWE-120

View on NVD

]]> [High] CVE-2023-41111 – An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automot... https://nvd.nist.gov/vuln/detail/CVE-2023-41111 https://nvd.nist.gov/vuln/detail/CVE-2023-41111 Wed, 08 Nov 2023 08:15:09 +0000 High CVE-2023-41111

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

CVSS: 7.1 · CWE: CWE-787

View on NVD

]]> [High] CVE-2023-26076 – An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for... https://nvd.nist.gov/vuln/detail/CVE-2023-26076 https://nvd.nist.gov/vuln/detail/CVE-2023-26076 Mon, 13 Mar 2023 15:15:12 +0000 High CVE-2023-26076

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.

CVSS: 7.6 · CWE: CWE-120

View on NVD

]]> [High] CVE-2023-26073 – An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for... https://nvd.nist.gov/vuln/detail/CVE-2023-26073 https://nvd.nist.gov/vuln/detail/CVE-2023-26073 Mon, 13 Mar 2023 14:15:12 +0000 High CVE-2023-26073

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.

CVSS: 7.6 · CWE: CWE-787

View on NVD

]]> [High] CVE-2023-26074 – An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for... https://nvd.nist.gov/vuln/detail/CVE-2023-26074 https://nvd.nist.gov/vuln/detail/CVE-2023-26074 Mon, 13 Mar 2023 13:15:11 +0000 High CVE-2023-26074

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.

CVSS: 7.6 · CWE: CWE-787

View on NVD

]]> [High] CVE-2023-26072 – An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for... https://nvd.nist.gov/vuln/detail/CVE-2023-26072 https://nvd.nist.gov/vuln/detail/CVE-2023-26072 Mon, 13 Mar 2023 12:15:11 +0000 High CVE-2023-26072

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.

CVSS: 7.6 · CWE: CWE-787

View on NVD

]]> [High] CVE-2023-26075 – An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for... https://nvd.nist.gov/vuln/detail/CVE-2023-26075 https://nvd.nist.gov/vuln/detail/CVE-2023-26075 Fri, 10 Mar 2023 17:15:10 +0000 High CVE-2023-26075

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.

CVSS: 7.6 · CWE: CWE-120

View on NVD

]]> [High] CVE-2021-22492 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10... https://nvd.nist.gov/vuln/detail/CVE-2021-22492 https://nvd.nist.gov/vuln/detail/CVE-2021-22492 Tue, 05 Jan 2021 18:15:18 +0000 High CVE-2021-22492

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 (January 2021).

CVSS: 8.8 · CWE: CWE-120

View on NVD

]]> [High] CVE-2020-35553 – An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qual... https://nvd.nist.gov/vuln/detail/CVE-2020-35553 https://nvd.nist.gov/vuln/detail/CVE-2020-35553 Fri, 18 Dec 2020 09:15:13 +0000 High CVE-2020-35553

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a power-shortage incident that causes a false-positive attack detection. The Samsung ID is SVE-2020-19678 (December 2020).

CVSS: 7.5 · CWE: CWE-920

View on NVD

]]> [Critical] CVE-2020-35551 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10... https://nvd.nist.gov/vuln/detail/CVE-2020-35551 https://nvd.nist.gov/vuln/detail/CVE-2020-35551 Fri, 18 Dec 2020 09:15:12 +0000 Critical CVE-2020-35551

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB write operation can be replayed, a related issue to CVE-2020-13799. The Samsung ID is SVE-2020-18100 (December 2020).

CVSS: 9.8 · CWE: CWE-294

View on NVD

]]> [Critical] CVE-2020-35550 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), ... https://nvd.nist.gov/vuln/detail/CVE-2020-35550 https://nvd.nist.gov/vuln/detail/CVE-2020-35550 Fri, 18 Dec 2020 09:15:12 +0000 Critical CVE-2020-35550

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via StatusBar. The Samsung ID is SVE-2020-17888 (December 2020).

CVSS: 9.8 · CWE: N/A

View on NVD

]]> [High] CVE-2020-28343 – An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exyno... https://nvd.nist.gov/vuln/detail/CVE-2020-28343 https://nvd.nist.gov/vuln/detail/CVE-2020-28343 Sun, 08 Nov 2020 05:15:11 +0000 High CVE-2020-28343

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).

CVSS: 7.8 · CWE: CWE-787

View on NVD

]]> [High] CVE-2020-28342 – An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China... https://nvd.nist.gov/vuln/detail/CVE-2020-28342 https://nvd.nist.gov/vuln/detail/CVE-2020-28342 Sun, 08 Nov 2020 05:15:11 +0000 High CVE-2020-28342

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. The S Secure application allows attackers to bypass authentication for a locked Gallery application via the Reminder application. The Samsung ID is SVE-2020-18689 (November 2020).

CVSS: 7.8 · CWE: N/A

View on NVD

]]> [High] CVE-2020-28341 – An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipse... https://nvd.nist.gov/vuln/detail/CVE-2020-28341 https://nvd.nist.gov/vuln/detail/CVE-2020-28341 Sun, 08 Nov 2020 05:15:11 +0000 High CVE-2020-28341

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 2020).

CVSS: 7.8 · CWE: CWE-120

View on NVD

]]> [Critical] CVE-2020-28340 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), ... https://nvd.nist.gov/vuln/detail/CVE-2020-28340 https://nvd.nist.gov/vuln/detail/CVE-2020-28340 Sun, 08 Nov 2020 05:15:11 +0000 Critical CVE-2020-28340

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020).

CVSS: 9.8 · CWE: N/A

View on NVD

]]> [Critical] CVE-2020-26607 – An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(... https://nvd.nist.gov/vuln/detail/CVE-2020-26607 https://nvd.nist.gov/vuln/detail/CVE-2020-26607 Tue, 06 Oct 2020 19:15:15 +0000 Critical CVE-2020-26607

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 (October 2020).

CVSS: 9.8 · CWE: N/A

View on NVD

]]> [High] CVE-2020-26606 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), ... https://nvd.nist.gov/vuln/detail/CVE-2020-26606 https://nvd.nist.gov/vuln/detail/CVE-2020-26606 Tue, 06 Oct 2020 19:15:15 +0000 High CVE-2020-26606

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 (October 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [High] CVE-2020-26605 – An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exyn... https://nvd.nist.gov/vuln/detail/CVE-2020-26605 https://nvd.nist.gov/vuln/detail/CVE-2020-26605 Tue, 06 Oct 2020 19:15:15 +0000 High CVE-2020-26605

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020).

CVSS: 7.5 · CWE: CWE-532

View on NVD

]]> [High] CVE-2020-26604 – An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0... https://nvd.nist.gov/vuln/detail/CVE-2020-26604 https://nvd.nist.gov/vuln/detail/CVE-2020-26604 Tue, 06 Oct 2020 19:15:15 +0000 High CVE-2020-26604

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 (October 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [High] CVE-2020-26602 – An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1)... https://nvd.nist.gov/vuln/detail/CVE-2020-26602 https://nvd.nist.gov/vuln/detail/CVE-2020-26602 Tue, 06 Oct 2020 19:15:14 +0000 High CVE-2020-26602

An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020).

CVSS: 7.5 · CWE: CWE-668

View on NVD

]]> [High] CVE-2020-26601 – An issue was discovered in DirEncryptService on Samsung mobile devices with O(8... https://nvd.nist.gov/vuln/detail/CVE-2020-26601 https://nvd.nist.gov/vuln/detail/CVE-2020-26601 Tue, 06 Oct 2020 19:15:14 +0000 High CVE-2020-26601

An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034 (October 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [High] CVE-2020-26600 – An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Ho... https://nvd.nist.gov/vuln/detail/CVE-2020-26600 https://nvd.nist.gov/vuln/detail/CVE-2020-26600 Tue, 06 Oct 2020 19:15:14 +0000 High CVE-2020-26600

An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [Critical] CVE-2020-25279 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10... https://nvd.nist.gov/vuln/detail/CVE-2020-25279 https://nvd.nist.gov/vuln/detail/CVE-2020-25279 Fri, 11 Sep 2020 22:15:19 +0000 Critical CVE-2020-25279

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020).

CVSS: 9.8 · CWE: CWE-120

View on NVD

]]> [Critical] CVE-2020-25278 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10... https://nvd.nist.gov/vuln/detail/CVE-2020-25278 https://nvd.nist.gov/vuln/detail/CVE-2020-25278 Fri, 11 Sep 2020 22:15:18 +0000 Critical CVE-2020-25278

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are SVE-2020-18088, SVE-2020-18225, SVE-2020-18301 (September 2020).

CVSS: 9.8 · CWE: CWE-787

View on NVD

]]> [High] CVE-2020-25056 – An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) soft... https://nvd.nist.gov/vuln/detail/CVE-2020-25056 https://nvd.nist.gov/vuln/detail/CVE-2020-25056 Mon, 31 Aug 2020 21:15:15 +0000 High CVE-2020-25056

An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020).

CVSS: 7.5 · CWE: CWE-754

View on NVD

]]> [Critical] CVE-2020-25055 – An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10... https://nvd.nist.gov/vuln/detail/CVE-2020-25055 https://nvd.nist.gov/vuln/detail/CVE-2020-25055 Mon, 31 Aug 2020 21:15:15 +0000 Critical CVE-2020-25055

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).

CVSS: 9.8 · CWE: CWE-863

View on NVD

]]> [Critical] CVE-2020-25054 – An issue was discovered on Samsung mobile devices with software through 2020-04-... https://nvd.nist.gov/vuln/detail/CVE-2020-25054 https://nvd.nist.gov/vuln/detail/CVE-2020-25054 Mon, 31 Aug 2020 21:15:15 +0000 Critical CVE-2020-25054

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).

CVSS: 9.1 · CWE: CWE-125

View on NVD

]]> [Critical] CVE-2020-25053 – An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chips... https://nvd.nist.gov/vuln/detail/CVE-2020-25053 https://nvd.nist.gov/vuln/detail/CVE-2020-25053 Mon, 31 Aug 2020 21:15:15 +0000 Critical CVE-2020-25053

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020).

CVSS: 9.8 · CWE: N/A

View on NVD

]]> [Critical] CVE-2020-25052 – An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chips... https://nvd.nist.gov/vuln/detail/CVE-2020-25052 https://nvd.nist.gov/vuln/detail/CVE-2020-25052 Mon, 31 Aug 2020 21:15:15 +0000 Critical CVE-2020-25052

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a denial of service (memory corruption) because indexes are mishandled. The Samsung ID is SVE-2020-17426 (August 2020).

CVSS: 9.8 · CWE: CWE-787

View on NVD

]]> [High] CVE-2020-25051 – An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) softwa... https://nvd.nist.gov/vuln/detail/CVE-2020-25051 https://nvd.nist.gov/vuln/detail/CVE-2020-25051 Mon, 31 Aug 2020 21:15:15 +0000 High CVE-2020-25051

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppInfo. The Samsung ID is SVE-2020-17758 (August 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [High] CVE-2020-25050 – An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) softwa... https://nvd.nist.gov/vuln/detail/CVE-2020-25050 https://nvd.nist.gov/vuln/detail/CVE-2020-25050 Mon, 31 Aug 2020 21:15:15 +0000 High CVE-2020-25050

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (August 2020).

CVSS: 7.5 · CWE: N/A

View on NVD

]]> [Critical] CVE-2020-25049 – An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) softwa... https://nvd.nist.gov/vuln/detail/CVE-2020-25049 https://nvd.nist.gov/vuln/detail/CVE-2020-25049 Mon, 31 Aug 2020 21:15:15 +0000 Critical CVE-2020-25049

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. StatusBarService has insufficient DEX access control. The Samsung ID is SVE-2020-17797 (August 2020).

CVSS: 9.8 · CWE: N/A

View on NVD

]]>