OpenCVE

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Samsung	Exynos 1080 Exynos 1280 Exynos 1330 Exynos 1380 Exynos 2100 Exynos 2200 Exynos 850 Exynos 9110 Exynos 980 Exynos 9820 Exynos 9825 Exynos 990 Exynos Modem 5123 Exynos Modem 5300 Exynos W920 Exynos W930

No data.

References

Link	Providers
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/

History

Fri, 25 Oct 2024 19:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-122

Fri, 25 Oct 2024 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Samsung Samsung exynos 1080 Samsung exynos 1280 Samsung exynos 1330 Samsung exynos 1380 Samsung exynos 2100 Samsung exynos 2200 Samsung exynos 850 Samsung exynos 9110 Samsung exynos 980 Samsung exynos 9820 Samsung exynos 9825 Samsung exynos 990 Samsung exynos Modem 5123 Samsung exynos Modem 5300 Samsung exynos W920 Samsung exynos W930
Weaknesses		CWE-125
CPEs		cpe:2.3:h:samsung:exynos_1080:::::::: cpe:2.3:h:samsung:exynos_1280:::::::: cpe:2.3:h:samsung:exynos_1330:::::::: cpe:2.3:h:samsung:exynos_1380:::::::: cpe:2.3:h:samsung:exynos_2100:::::::: cpe:2.3:h:samsung:exynos_2200:::::::: cpe:2.3:h:samsung:exynos_850:::::::: cpe:2.3:h:samsung:exynos_9110:::::::: cpe:2.3:h:samsung:exynos_980:::::::: cpe:2.3:h:samsung:exynos_9820:::::::: cpe:2.3:h:samsung:exynos_9825:::::::: cpe:2.3:h:samsung:exynos_990:::::::: cpe:2.3:h:samsung:exynos_modem_5123:::::::: cpe:2.3:h:samsung:exynos_modem_5300:::::::: cpe:2.3:h:samsung:exynos_w920:::::::: cpe:2.3:h:samsung:exynos_w930::::::::
Vendors & Products		Samsung Samsung exynos 1080 Samsung exynos 1280 Samsung exynos 1330 Samsung exynos 1380 Samsung exynos 2100 Samsung exynos 2200 Samsung exynos 850 Samsung exynos 9110 Samsung exynos 980 Samsung exynos 9820 Samsung exynos 9825 Samsung exynos 990 Samsung exynos Modem 5123 Samsung exynos Modem 5300 Samsung exynos W920 Samsung exynos W930
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-07-09T00:00:00

Updated: 2024-10-25T17:49:27.232Z

Reserved: 2023-12-14T00:00:00

Link: CVE-2023-50806

Vulnrichment

Updated: 2024-08-02T22:23:42.944Z

NVD

Status : Awaiting Analysis

Published: 2024-07-09T19:15:10.820

Modified: 2024-11-21T08:37:19.560

Link: CVE-2023-50806

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object