Skip to main content

Exynos 5300 Firmware CVE-2023-29085

HIGH
Out-of-bounds Write (CWE-787)
2023-04-14 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 14, 2023 - 21:15 nvd
HIGH 7.5

DescriptionNVD

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.

AnalysisAI

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line. Affected products include: Samsung Exynos 5300 Firmware, Samsung Exynos 5123 Firmware, Samsung Exynos 980 Firmware, Samsung Exynos 9110 Firmware, Samsung Exynos 1080 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2023-31116 CRITICAL
9.8 Jun 07

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Rated critical severity (CVS

CVE-2023-31114 CRITICAL
9.1 Jun 07

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Rated critical severity (CVS

CVE-2023-29092 HIGH
7.8 May 09

An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and E

CVE-2023-31115 HIGH
7.5 Jun 07

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Rated high severity (CVSS 7.

CVE-2023-29091 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

CVE-2023-29090 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

CVE-2023-29089 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

CVE-2023-29088 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

CVE-2023-29087 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

CVE-2023-29086 HIGH
7.5 Apr 14

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos

Share

CVE-2023-29085 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy