Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-29153

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Jul, 2024 | 00:00
Updated At-02 Aug, 2024 | 01:10
Rejected At-
Credits

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Jul, 2024 | 00:00
Updated At:02 Aug, 2024 | 01:10
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
3.18.1HIGH
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
N/A
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
N/A
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Resource: N/A
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Samsungsamsung
Product
mobile_processor_wearable_processor_and_modems
CPEs
  • cpe:2.3:a:samsung:mobile_processor_wearable_processor_and_modems:exynos:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 9820
  • 9825
  • 990
  • 980
  • 850
  • 1080
  • 2100
  • 2200
  • 1280
  • 1380
  • 1330
  • 9110
  • w920
  • w930
Vendor
Samsungsamsung
Product
exynos_modem
CPEs
  • cpe:2.3:a:samsung:exynos_modem:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 5123
  • 5300
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
x_transferred
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
x_transferred
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Resource:
x_transferred
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
Resource:
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Jul, 2024 | 20:15
Updated At:26 Jun, 2025 | 20:53

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.1HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Samsung
samsung
>>exynos_9820_firmware>>-
cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_9820>>-
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_9825_firmware>>-
cpe:2.3:o:samsung:exynos_9825_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_9825>>-
cpe:2.3:h:samsung:exynos_9825:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_980_firmware>>-
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_980>>-
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_990_firmware>>-
cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_990>>-
cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_850_firmware>>-
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_850>>-
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1080_firmware>>-
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1080>>-
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_2100_firmware>>-
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_2100>>-
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_2200_firmware>>-
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_2200>>-
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1280_firmware>>-
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1280>>-
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1380_firmware>>-
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1380>>-
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1330_firmware>>-
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_1330>>-
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_9110_firmware>>-
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_9110>>-
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_w920_firmware>>-
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_w920>>-
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_w930_firmware>>-
cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_w930>>-
cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_modem_5123_firmware>>-
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_modem_5123>>-
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_modem_5300_firmware>>-
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
Samsung
samsung
>>exynos_modem_5300>>-
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-400
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve@mitre.org
Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/cve@mitre.org
Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-29153/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

18Records found
CVE-2024-44068
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.60% / 68.87%
||
7 Day CHG-0.07%
Published-07 Oct, 2024 | 00:00
Updated-17 Jun, 2025 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_990_firmwareexynos_9820_firmwareexynos_850exynos_9820exynos_850_firmwareexynos_980_firmwareexynos_w920exynos_w920_firmwareexynos_9825exynos_9825_firmwareexynos_990exynos_980n/aexynos_850_firmwareexynos_990_firmwareexynos_9820_firmwareexynos_980_firmwareexynos_w920_firmwareexynos_9825_firmware
CWE ID-CWE-416
Use After Free
CVE-2018-21040
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.13% / 33.11%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 16:24
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 9810 chipsets) software. There is a race condition with a resultant use-after-free in the g2d driver. The Samsung ID is SVE-2018-12959 (December 2018).

Action-Not Available
Vendor-n/aGoogle LLCSamsung
Product-androidexynos_9810n/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-39890
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.84% / 74.33%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1380_firmwareexynos_1480_firmwareexynos_9825_firmwareexynos_modem_5123_firmwareexynos_2200exynos_w920_firmwareexynos_2400exynos_modem_5300exynos_1330_firmwareexynos_990exynos_850_firmwareexynos_w930_firmwareexynos_980exynos_1280exynos_990_firmwareexynos_9110_firmwareexynos_1080_firmwareexynos_9820exynos_w1000_firmwareexynos_1380exynos_9110exynos_9825exynos_2400_firmwareexynos_850exynos_1080exynos_w930exynos_2100exynos_1280_firmwareexynos_9820_firmwareexynos_1330exynos_980_firmwareexynos_2200_firmwareexynos_modem_5123exynos_w920exynos_2100_firmwareexynos_1480exynos_modem_5300_firmwareexynos_w1000n/amobile_processor_wearable_processor_and_modems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.15% / 35.64%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:23
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019).

Action-Not Available
Vendor-n/aGoogle LLCSamsung
Product-exynos_7880exynos_9810exynos_7570androidexynos_7870exynos_7885exynos_8890exynos_8895n/a
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2017-18692
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.12% / 31.55%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:01
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-msm8998androidmsm8996exynos_8890exynos_8895msm8939exynos_7580n/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-50807
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.29% / 52.33%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 00:00
Updated-26 Jun, 2025 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

Action-Not Available
Vendor-n/aSamsung
Product-exynos_modem_5123exynos_9110exynos_modem_5300exynos_modem_5300_firmwareexynos_9110_firmwareexynos_modem_5123_firmwaren/aexynos_5123exynos_5300exynos_9110_firmware
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-50805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.29% / 52.33%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 00:00
Updated-14 Jul, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

Action-Not Available
Vendor-n/aSamsung
Product-exynos_850_firmwareexynos_modem_5300exynos_9820_firmwareexynos_9820exynos_980exynos_w920exynos_9825exynos_modem_5123_firmwareexynos_9110_firmwareexynos_2100_firmwareexynos_1280exynos_2200exynos_1330exynos_990_firmwareexynos_modem_5300_firmwareexynos_1280_firmwareexynos_2200_firmwareexynos_1380exynos_1080exynos_990exynos_980_firmwareexynos_w920_firmwareexynos_w930exynos_850exynos_1380_firmwareexynos_w930_firmwareexynos_2100exynos_9110exynos_modem_5123exynos_1330_firmwareexynos_9825_firmwareexynos_1080_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49415
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-6.04% / 90.51%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 05:47
Updated-10 Feb, 2025 | 22:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devicesandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-30729
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-0.27% / 50.15%
||
7 Day CHG~0.00%
Published-06 Sep, 2023 | 03:12
Updated-26 Sep, 2024 | 20:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-emailSamsung Email
CWE ID-CWE-295
Improper Certificate Validation
CVE-2024-55568
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.11%
||
7 Day CHG~0.00%
Published-20 Oct, 2025 | 00:00
Updated-04 Nov, 2025 | 13:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an attacker sends malformed MM packets to the target.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1330exynos_1080_firmwareexynos_modem_5300exynos_9110exynos_850_firmwareexynos_2100_firmwareexynos_2400_firmwareexynos_w930exynos_modem_5300_firmwareexynos_w920exynos_990exynos_9110_firmwareexynos_850exynos_modem_5123_firmwareexynos_1380_firmwareexynos_2100exynos_1480_firmwareexynos_1480exynos_modem_5400exynos_modem_5123exynos_w920_firmwareexynos_2400exynos_2200_firmwareexynos_980_firmwareexynos_980exynos_1080exynos_w1000_firmwareexynos_modem_5400_firmwareexynos_1380exynos_1280exynos_1280_firmwareexynos_990_firmwareexynos_w1000exynos_2200exynos_1330_firmwareexynos_w930_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-46923
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 42.45%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 00:00
Updated-20 Jun, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1480exynos_2400exynos_1480_firmwareexynos_2200exynos_2200_firmwareexynos_2400_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-59439
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.73%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 00:00
Updated-05 Feb, 2026 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_w1000exynos_980_firmwareexynos_w920_firmwareexynos_1080_firmwareexynos_990_firmwareexynos_modem_5123_firmwareexynos_980exynos_w930exynos_850_firmwareexynos_w920exynos_w930_firmwareexynos_9110_firmwareexynos_850exynos_9110exynos_w1000_firmwareexynos_modem_5123exynos_990exynos_1080n/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-5351
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.17%
||
7 Day CHG~0.00%
Published-12 Jan, 2017 | 06:06
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650.

Action-Not Available
Vendor-n/aSamsung
Product-samsung_mobilen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-49494
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.11%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 00:00
Updated-07 Nov, 2025 | 12:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1480exynos_1380_firmwareexynos_2200_firmwareexynos_1280_firmwareexynos_1330modem_5123exynos_2100exynos_1280exynos_2200exynos_9110exynos_9110_firmwareexynos_1380modem_5123_firmwareexynos_1330_firmwareexynos_1480_firmwareexynos_2100_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-43706
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.36%
||
7 Day CHG~0.00%
Published-05 Jan, 2026 | 00:00
Updated-09 Jan, 2026 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_2400exynos_980_firmwareexynos_850_firmwareexynos_850exynos_w920exynos_w930_firmwareexynos_1580_firmwareexynos_w930modem_5123exynos_990_firmwareexynos_9110_firmwareexynos_1080exynos_980exynos_1580exynos_990exynos_w920_firmwareexynos_1080_firmwareexynos_9110modem_5400modem_5123_firmwaremodem_5400_firmwareexynos_2400_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-26782
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.11%
||
7 Day CHG~0.00%
Published-20 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1330exynos_w920_firmwareexynos_1080_firmwareexynos_9110modem_5400exynos_850_firmwareexynos_1330_firmwareexynos_2200_firmwareexynos_w930exynos_2100_firmwareexynos_980_firmwareexynos_w920exynos_990modem_5400_firmwareexynos_9110_firmwareexynos_980exynos_1080modem_5123exynos_850exynos_1380modem_5123_firmwareexynos_1280exynos_1280_firmwareexynos_990_firmwareexynos_1380_firmwareexynos_2200exynos_2100exynos_1480_firmwareexynos_1480exynos_w930_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-26783
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.14%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 00:00
Updated-01 Jul, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1380exynos_1380_firmwareexynos_1480_firmwareexynos_modem_5400exynos_2400_firmwareexynos_2100exynos_1280_firmwareexynos_2200exynos_2400exynos_modem_5300exynos_1330exynos_1330_firmwareexynos_2200_firmwareexynos_1280exynos_modem_5400_firmwareexynos_2100_firmwareexynos_w1000_firmwareexynos_1480exynos_modem_5300_firmwareexynos_w1000n/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-21543
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.1||HIGH
EPSS-7.55% / 91.62%
||
7 Day CHG+1.73%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_8.1windows_rt_8.1windows_11_21h2windows_7windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 7 Service Pack 1Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-400
Uncontrolled Resource Consumption
Details not found