PT-2023-20471 · Samsung · Exynos 2200+7

Published

2023-03-10

Updated

2025-02-27

CVE-2023-26075

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 980 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1080 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 2200 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5123 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5300 Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Auto T5123

Description An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2023-26075

Affected Products

Exynos 1080

Exynos 1280

Exynos 2200

Exynos 850

Exynos 980

Exynos Auto T5123

Exynos Modem 5123

Exynos Modem 5300

PT-2023-20471 · Samsung · Exynos 2200+7

CVE-2023-26075

Weakness Enumeration

Related Identifiers

Affected Products

References · 11