Total
36 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21517 | 1 Samsung | 1 Exynos | 2023-12-10 | N/A | 9.8 CRITICAL |
| Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | |||||
| CVE-2023-21503 | 1 Samsung | 2 Android, Exynos | 2023-12-10 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2023-21494 | 1 Samsung | 2 Android, Exynos | 2023-12-10 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2022-39902 | 1 Samsung | 2 Exynos, Exynos Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | |||||
| CVE-2023-21455 | 1 Samsung | 2 Exynos, Exynos Firmware | 2023-12-10 | N/A | 9.1 CRITICAL |
| Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message. | |||||
| CVE-2022-39901 | 1 Samsung | 2 Exynos, Exynos Firmware | 2023-12-10 | N/A | 6.5 MEDIUM |
| Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | |||||
| CVE-2022-39881 | 1 Samsung | 2 Exynos, Exynos Firmware | 2023-12-10 | N/A | 9.1 CRITICAL |
| Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory. | |||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | N/A | 7.8 HIGH |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | |||||
| CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-25819 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory. | |||||
| CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | |||||
| CVE-2022-25821 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
| Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. | |||||
| CVE-2022-23432 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | |||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | |||||
| CVE-2021-25468 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | |||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25503 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution. | |||||