CVE-2023-45864

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-45864
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas.

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
History

15 Dec 2023, 19:18

Type Values Removed Values Added
Summary
  • (es) Un problema de condición de ejecución descubierto en el procesador móvil Samsung Exynos 9820, 980, 1080, 2100, 2200, 1280 y 1380 permite modificaciones no deseadas de valores dentro de ciertas áreas.
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
CVSS v2 : unknown
v3 : 4.0 		v2 : unknown
v3 : 4.7
CPE cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
CWE CWE-362
First Time Samsung exynos 1280 Firmware
Samsung exynos 1280
Samsung exynos 980
Samsung exynos 9820
Samsung exynos 980 Firmware
Samsung exynos 2100
Samsung exynos 9820 Firmware
Samsung exynos 2100 Firmware
Samsung exynos 1080
Samsung exynos 1080 Firmware
Samsung exynos 1380
Samsung
Samsung exynos 2200 Firmware
Samsung exynos 2200
Samsung exynos 1380 Firmware

13 Dec 2023, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-13 01:15

Updated : 2023-12-15 19:18

NVD link : CVE-2023-45864

Mitre link : CVE-2023-45864

CVE.ORG link : CVE-2023-45864

JSON object : View

Products Affected

samsung

  • exynos_2200
  • exynos_9820_firmware
  • exynos_2100_firmware
  • exynos_1080
  • exynos_1080_firmware
  • exynos_2200_firmware
  • exynos_980
  • exynos_1380_firmware
  • exynos_1280_firmware
  • exynos_9820
  • exynos_2100
  • exynos_1380
  • exynos_980_firmware
  • exynos_1280
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')