PT-2023-20468 · Samsung · Exynos W920+8

Published

2023-03-13

Updated

2025-03-03

CVE-2023-26072

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920 (affected versions not specified)

Description A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list. This issue affects Samsung Mobile Chipset and Baseband Modem Chipset for various Exynos models.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2023-26072

Affected Products

Exynos 1080

Exynos 1280

Exynos 2200

Exynos 850

Exynos 980

Exynos Auto T5123

Exynos Modem 5123

Exynos Modem 5300

Exynos W920

PT-2023-20468 · Samsung · Exynos W920+8

CVE-2023-26072

Weakness Enumeration

Related Identifiers

Affected Products

References · 11