CVE-2023-50806 - Vulnerability Details

Vendors	Products
Samsung	Exynos 1080 Exynos 1280 Exynos 1330 Exynos 1380 Exynos 2100 Exynos 2200 Exynos 850 Exynos 9110 Exynos 980 Exynos 9820 Exynos 9825 Exynos 990 Exynos Modem 5123 Exynos Modem 5300 Exynos W920 Exynos W930

Link	Providers
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/

Type	Values Removed	Values Added
Weaknesses	CWE-122

Type	Values Removed	Values Added
First Time appeared		Samsung Samsung exynos 1080 Samsung exynos 1280 Samsung exynos 1330 Samsung exynos 1380 Samsung exynos 2100 Samsung exynos 2200 Samsung exynos 850 Samsung exynos 9110 Samsung exynos 980 Samsung exynos 9820 Samsung exynos 9825 Samsung exynos 990 Samsung exynos Modem 5123 Samsung exynos Modem 5300 Samsung exynos W920 Samsung exynos W930
Weaknesses		CWE-125
CPEs		cpe:2.3:h:samsung:exynos_1080:::::::: cpe:2.3:h:samsung:exynos_1280:::::::: cpe:2.3:h:samsung:exynos_1330:::::::: cpe:2.3:h:samsung:exynos_1380:::::::: cpe:2.3:h:samsung:exynos_2100:::::::: cpe:2.3:h:samsung:exynos_2200:::::::: cpe:2.3:h:samsung:exynos_850:::::::: cpe:2.3:h:samsung:exynos_9110:::::::: cpe:2.3:h:samsung:exynos_980:::::::: cpe:2.3:h:samsung:exynos_9820:::::::: cpe:2.3:h:samsung:exynos_9825:::::::: cpe:2.3:h:samsung:exynos_990:::::::: cpe:2.3:h:samsung:exynos_modem_5123:::::::: cpe:2.3:h:samsung:exynos_modem_5300:::::::: cpe:2.3:h:samsung:exynos_w920:::::::: cpe:2.3:h:samsung:exynos_w930::::::::
Vendors & Products		Samsung Samsung exynos 1080 Samsung exynos 1280 Samsung exynos 1330 Samsung exynos 1380 Samsung exynos 2100 Samsung exynos 2200 Samsung exynos 850 Samsung exynos 9110 Samsung exynos 980 Samsung exynos 9820 Samsung exynos 9825 Samsung exynos 990 Samsung exynos Modem 5123 Samsung exynos Modem 5300 Samsung exynos W920 Samsung exynos W930
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-50806", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-25T17:49:27.232Z", "dateReserved": "2023-12-14T00:00:00", "datePublished": "2024-07-09T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-09T18:17:03.669048"}, "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "affected": [{"vendor": "samsung", "product": "exynos_9820", "cpes": ["cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_9825", "cpes": ["cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_980", "cpes": ["cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_990", "cpes": ["cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_850", "cpes": ["cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_1080", "cpes": ["cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_2100", "cpes": ["cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_2200", "cpes": ["cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_1280", "cpes": ["cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_1380", "cpes": ["cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_1330", "cpes": ["cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_9110", "cpes": ["cpe:2.3:h:samsung:exynos_9110:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_w920", "cpes": ["cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_w930", "cpes": ["cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_modem_5123", "cpes": ["cpe:2.3:h:samsung:exynos_modem_5123:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "samsung", "product": "exynos_modem_5300", "cpes": ["cpe:2.3:h:samsung:exynos_modem_5300:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-10T16:44:55.696749Z", "id": "CVE-2023-50806", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-25T17:49:27.232Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:42.944Z"}, "title": "CVE Program Container", "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", "tags": ["x_transferred"]}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2023-50806 (string)

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

dateUpdated : 2024-10-25T17:49:27.232Z (string)

dateReserved : 2023-12-14T00:00:00 (string)

datePublished : 2024-07-09T00:00:00 (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

dateUpdated : 2024-07-09T18:17:03.669048 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command. (string)

}

]

affected : [ »

0 : { »

vendor : n/a (string)

product : n/a (string)

versions : [ »

0 : { »

version : n/a (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

}

1 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N (string)

attackVector : LOCAL (string)

attackComplexity : LOW (string)

privilegesRequired : NONE (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

availabilityImpact : HIGH (string)

baseScore : 8.4 (number)

baseSeverity : HIGH (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

lang : en (string)

description : n/a (string)

}

]

}

]

}

adp : [ »

0 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-125 (string)

lang : en (string)

description : CWE-125 Out-of-bounds Read (string)

}

]

}

]

affected : [ »

0 : { »

vendor : samsung (string)

product : exynos_9820 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : samsung (string)

product : exynos_9825 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : samsung (string)

product : exynos_980 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : samsung (string)

product : exynos_990 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

4 : { »

vendor : samsung (string)

product : exynos_850 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

5 : { »

vendor : samsung (string)

product : exynos_1080 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

6 : { »

vendor : samsung (string)

product : exynos_2100 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

7 : { »

vendor : samsung (string)

product : exynos_2200 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

8 : { »

vendor : samsung (string)

product : exynos_1280 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

9 : { »

vendor : samsung (string)

product : exynos_1380 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

10 : { »

vendor : samsung (string)

product : exynos_1330 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

11 : { »

vendor : samsung (string)

product : exynos_9110 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9110:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

12 : { »

vendor : samsung (string)

product : exynos_w920 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

13 : { »

vendor : samsung (string)

product : exynos_w930 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

14 : { »

vendor : samsung (string)

product : exynos_modem_5123 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_modem_5123:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

15 : { »

vendor : samsung (string)

product : exynos_modem_5300 (string)

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_modem_5300:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : * (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-07-10T16:44:55.696749Z (string)

id : CVE-2023-50806 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-25T17:49:27.232Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T22:23:42.944Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", "tags": ["x_transferred"]}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:42.944Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-50806", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-10T16:44:55.696749Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_9820", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_9825", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_980", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_990", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_850", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_1080", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_2100", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_2200", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_1280", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_1380", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_1330", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_9110:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_9110", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_w920", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_w930", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_modem_5123:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_modem_5123", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:samsung:exynos_modem_5300:*:*:*:*:*:*:*:*"], "vendor": "samsung", "product": "exynos_modem_5300", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-10T16:45:37.101Z"}}], "cna": {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/"}], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-09T18:17:03.669048"}}}, "cveMetadata": {"cveId": "CVE-2023-50806", "state": "PUBLISHED", "dateUpdated": "2024-10-25T17:49:27.232Z", "dateReserved": "2023-12-14T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-07-09T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T22:23:42.944Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-50806 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-07-10T16:44:55.696749Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_9820 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_9825 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_980 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_990 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_850 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

5 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_1080 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

6 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_2100 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

7 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_2200 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

8 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_1280 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

9 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_1380 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

10 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_1330 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

11 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_9110:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_9110 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

12 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_w920 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

13 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_w930 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

14 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_modem_5123:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_modem_5123 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

15 : { »

cpes : [ »

0 : cpe:2.3:h:samsung:exynos_modem_5300:*:*:*:*:*:*:*:* (string)

]

vendor : samsung (string)

product : exynos_modem_5300 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : * (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-125 (string)

description : CWE-125 Out-of-bounds Read (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-10T16:45:37.101Z (string)

}

]

cna : { »

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 8.4 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : HIGH (string)

}

]

affected : [ »

0 : { »

vendor : n/a (string)

product : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

references : [ »

0 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

}

1 : { »

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : text (string)

description : n/a (string)

}

]

}

]

providerMetadata : { »

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

dateUpdated : 2024-07-09T18:17:03.669048 (string)

}

cveMetadata : { »

cveId : CVE-2023-50806 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-25T17:49:27.232Z (string)

dateReserved : 2023-12-14T00:00:00 (string)

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

datePublished : 2024-07-09T00:00:00 (string)

assignerShortName : mitre (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command."}, {"lang": "es", "value": "Se descubri\u00f3 una vulnerabilidad en el procesador m\u00f3vil, procesador port\u00e1til y m\u00f3dems de Samsung con versiones Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110 , Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 que permite el acceso fuera de los l\u00edmites a un bufer de mont\u00f3n en el comando proactivo SIM."}], "id": "CVE-2023-50806", "lastModified": "2024-11-21T08:37:19.560", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2024-07-09T19:15:10.820", "references": [{"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"source": "cve@mitre.org", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command. (string)

}

1 : { »

lang : es (string)

value : Se descubrió una vulnerabilidad en el procesador móvil, procesador portátil y módems de Samsung con versiones Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110 , Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 que permite el acceso fuera de los límites a un bufer de montón en el comando proactivo SIM. (string)

}

]

id : CVE-2023-50806 (string)

lastModified : 2024-11-21T08:37:19.560 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.4 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.5 (number)

impactScore : 5.9 (number)

source : cve@mitre.org (string)

type : Secondary (string)

}

]

}

published : 2024-07-09T19:15:10.820 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

}

1 : { »

source : cve@mitre.org (string)

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/ (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Awaiting Analysis (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-125 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object