Description
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.
Published: 2026-04-06
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the SMS parsing logic of Samsung Exynos mobile, wearable, and modem processors. The flaw occurs when handling SMS RP-DATA messages and may allow an attacker to inject crafted data that overflows a stack buffer, potentially leading to arbitrary code execution or privilege escalation on the device. The weakness aligns with CWE‑121 and can compromise system confidentiality, integrity, and availability if exploited.

Affected Systems

The vulnerability affects Samsung Exynos processors and associated firmware across a broad range of models, including the 980, 990, 850, 1080, 1280, 1330, 1380, 1480, 1580, 2100, 2200, 2400, 2500, 9110, 1000, 920, 930, 5123, 5300, and 5400, as well as their mobile, wearable, and modem variants. Specific version information is not disclosed, but any device running the listed hardware platforms is potentially impacted.

Risk and Exploitability

The CVSS score of 10 indicates critical severity, while the EPSS score below 1% suggests a low probability of exploitation in the wild. Samsung has not reported this flaw in the CISA KEV catalog, implying no known public exploits. The most likely attack vector involves remote delivery of a malicious SMS containing specially crafted RP‑DATA content; therefore, an adversary can target devices without physical access.

Generated by OpenCVE AI on April 7, 2026 at 22:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Samsung security updates for Exynos firmware, ensuring all affected processor models are patched.
  • Verify firmware versions on devices and upgrade to the most recent supported releases.
  • For devices where an update is unavailable, consider implementing network‑level filtering to block or inspect high‑risk SMS content, or deploy device management policies that restrict SMS reception from unknown sources.

Generated by OpenCVE AI on April 7, 2026 at 22:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Stack-Based Buffer Overflow in Samsung Exynos SMS Parser

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Samsung exynos 1080
Samsung exynos 1080 Firmware
Samsung exynos 1280
Samsung exynos 1280 Firmware
Samsung exynos 1330
Samsung exynos 1330 Firmware
Samsung exynos 1380
Samsung exynos 1380 Firmware
Samsung exynos 1480
Samsung exynos 1480 Firmware
Samsung exynos 1580
Samsung exynos 1580 Firmware
Samsung exynos 2100
Samsung exynos 2100 Firmware
Samsung exynos 2200
Samsung exynos 2200 Firmware
Samsung exynos 2400
Samsung exynos 2400 Firmware
Samsung exynos 2500
Samsung exynos 2500 Firmware
Samsung exynos 850
Samsung exynos 850 Firmware
Samsung exynos 9110
Samsung exynos 9110 Firmware
Samsung exynos 980
Samsung exynos 980 Firmware
Samsung exynos 990
Samsung exynos 990 Firmware
Samsung exynos Modem 5123
Samsung exynos Modem 5123 Firmware
Samsung exynos Modem 5300
Samsung exynos Modem 5300 Firmware
Samsung exynos Modem 5400
Samsung exynos Modem 5400 Firmware
Samsung exynos W1000
Samsung exynos W1000 Firmware
Samsung exynos W920
Samsung exynos W920 Firmware
Samsung exynos W930
Samsung exynos W930 Firmware
CPEs cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1580:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2500:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5400:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w1000:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1580_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_w1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*
Vendors & Products Samsung exynos 1080
Samsung exynos 1080 Firmware
Samsung exynos 1280
Samsung exynos 1280 Firmware
Samsung exynos 1330
Samsung exynos 1330 Firmware
Samsung exynos 1380
Samsung exynos 1380 Firmware
Samsung exynos 1480
Samsung exynos 1480 Firmware
Samsung exynos 1580
Samsung exynos 1580 Firmware
Samsung exynos 2100
Samsung exynos 2100 Firmware
Samsung exynos 2200
Samsung exynos 2200 Firmware
Samsung exynos 2400
Samsung exynos 2400 Firmware
Samsung exynos 2500
Samsung exynos 2500 Firmware
Samsung exynos 850
Samsung exynos 850 Firmware
Samsung exynos 9110
Samsung exynos 9110 Firmware
Samsung exynos 980
Samsung exynos 980 Firmware
Samsung exynos 990
Samsung exynos 990 Firmware
Samsung exynos Modem 5123
Samsung exynos Modem 5123 Firmware
Samsung exynos Modem 5300
Samsung exynos Modem 5300 Firmware
Samsung exynos Modem 5400
Samsung exynos Modem 5400 Firmware
Samsung exynos W1000
Samsung exynos W1000 Firmware
Samsung exynos W920
Samsung exynos W920 Firmware
Samsung exynos W930
Samsung exynos W930 Firmware

Tue, 07 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Samsung
Samsung exynos
Vendors & Products Samsung
Samsung exynos

Tue, 07 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Title Stack-Based Buffer Overflow in Samsung Exynos SMS Parser

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 06 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
Description An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.
References

Subscriptions

Samsung Exynos Exynos 1080 Exynos 1080 Firmware Exynos 1280 Exynos 1280 Firmware Exynos 1330 Exynos 1330 Firmware Exynos 1380 Exynos 1380 Firmware Exynos 1480 Exynos 1480 Firmware Exynos 1580 Exynos 1580 Firmware Exynos 2100 Exynos 2100 Firmware Exynos 2200 Exynos 2200 Firmware Exynos 2400 Exynos 2400 Firmware Exynos 2500 Exynos 2500 Firmware Exynos 850 Exynos 850 Firmware Exynos 9110 Exynos 9110 Firmware Exynos 980 Exynos 980 Firmware Exynos 990 Exynos 990 Firmware Exynos Modem 5123 Exynos Modem 5123 Firmware Exynos Modem 5300 Exynos Modem 5300 Firmware Exynos Modem 5400 Exynos Modem 5400 Firmware Exynos W1000 Exynos W1000 Firmware Exynos W920 Exynos W920 Firmware Exynos W930 Exynos W930 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-06T20:04:55.456Z

Reserved: 2025-07-20T00:00:00.000Z

Link: CVE-2025-54328

cve-icon Vulnrichment

Updated: 2026-04-06T20:02:41.995Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-06T20:16:20.490

Modified: 2026-04-07T17:28:19.270

Link: CVE-2025-54328

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:52:47Z

Weaknesses