Samsung Exynos

CPE Details

Samsung Exynos
-
2020-03-26
19h52 +00:00
2020-03-26
19h52 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*

Informations

Vendor

samsung

Product

exynos

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-21517 2023-06-27 22h00 +00:00 Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.
9.8
Critical
CVE-2023-21494 2023-05-04 00h00 +00:00 Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
9.8
Critical
CVE-2023-21503 2023-05-04 00h00 +00:00 Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
9.8
Critical
CVE-2023-21455 2023-03-16 00h00 +00:00 Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.
9.1
Critical
CVE-2022-39901 2022-12-07 23h00 +00:00 Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
6.5
Medium
CVE-2022-39902 2022-12-07 23h00 +00:00 Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.
7.5
High
CVE-2022-39881 2022-11-08 23h00 +00:00 Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.
9.1
Critical
CVE-2022-39854 2022-10-06 22h00 +00:00 Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
7.8
High
CVE-2022-25821 2022-03-08 12h47 +00:00 Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read.
7.1
High
CVE-2022-25819 2022-03-08 12h47 +00:00 OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory.
5.5
Medium
CVE-2022-23431 2022-02-11 16h40 +00:00 An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
6.7
Medium
CVE-2022-23432 2022-02-11 16h40 +00:00 An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
6.7
Medium
CVE-2022-23428 2022-02-11 16h40 +00:00 An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
8.4
High
CVE-2022-23425 2022-02-11 16h40 +00:00 Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.
9.8
Critical
CVE-2022-22265 2022-01-07 22h39 +00:00 An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
7.8
High
CVE-2021-25503 2021-11-05 01h03 +00:00 Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.
6.7
Medium
CVE-2021-25491 2021-10-06 15h10 +00:00 A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.
4.4
Medium
CVE-2021-25488 2021-10-06 15h10 +00:00 Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read.
5.5
Medium
CVE-2021-25481 2021-10-06 15h09 +00:00 An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.
6.7
Medium
CVE-2021-25479 2021-10-06 15h09 +00:00 A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
7.2
High
CVE-2021-25478 2021-10-06 15h09 +00:00 A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
7.2
High
CVE-2021-25476 2021-10-06 15h08 +00:00 An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.
4.4
Medium
CVE-2021-25471 2021-10-06 15h08 +00:00 A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
7.5
High
CVE-2021-25470 2021-10-06 15h07 +00:00 An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.
7.9
High
CVE-2021-25469 2021-10-06 15h07 +00:00 A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
6.7
Medium
CVE-2021-25468 2021-10-06 15h07 +00:00 A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
4.4
Medium
CVE-2021-25345 2021-03-04 20h05 +00:00 Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
5.5
Medium
CVE-2021-22495 2021-01-05 16h54 +00:00 An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021).
5.5
Medium
CVE-2020-25054 2020-08-31 18h24 +00:00 An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).
9.1
Critical
CVE-2016-11028 2020-04-07 11h46 +00:00 An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016).
9.8
Critical
CVE-2019-20596 2020-03-24 18h07 +00:00 An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June 2019).
9.1
Critical
CVE-2019-20572 2020-03-24 17h39 +00:00 An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019).
9.8
Critical
CVE-2019-20558 2020-03-24 17h25 +00:00 An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019).
9.8
Critical
CVE-2020-10835 2020-03-24 16h17 +00:00 An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
9.8
Critical