CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Description (NVD)
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes.
Analysis (AI)
A baseband denial-of-service in Samsung Exynos chipsets (980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, 5300, 5400) allows remote attackers to crash mobile device basebands via malformed LTE MAC packets without authentication. The vulnerability affects the L2 layer processing of MAC Control Elements, enabling network-based attacks against cellular connectivity. The EPSS score of 0.02% indicates low observed exploitation probability, and no public exploit had been identified at the time of analysis, though the CVSS score of 9.1 reflects the severity of remotely disrupting critical cellular communications infrastructure.
Technical Context (AI)
This vulnerability resides in the Layer 2 (data link layer) implementation of Samsung Exynos chipsets' baseband processors, specifically in the LTE Medium Access Control (MAC) protocol handler. The MAC layer manages resource allocation and multiplexing for LTE communications through Control Elements (CEs) that carry control information alongside user data. The flaw stems from incorrect handling when processing MAC packets containing an excessive number of MAC CEs, triggering a resource exhaustion condition (CWE-400: Uncontrolled Resource Consumption). When the baseband processor encounters these malformed packets, it fails to properly validate or limit the number of CEs being processed, leading to memory exhaustion, buffer overflows, or state corruption that crashes the baseband subsystem. This affects both mobile processors and standalone modems across Samsung's Exynos product line, impacting devices' ability to maintain cellular network connectivity. The baseband operates independently from the application processor, so crashes at this level can cause complete loss of cellular functionality requiring device reboot.
Remediation (AI)
Users should apply firmware updates provided by device manufacturers (Samsung, and OEMs using Exynos chipsets) as they become available through standard device update mechanisms. Samsung has published security advisory details at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58349/, though specific patched firmware versions are not publicly disclosed in available data. Device owners should check Settings > Software Update (or equivalent on their specific device) and install all available system updates. For enterprise deployments, administrators should monitor vendor security bulletins and prioritize updates for devices used in sensitive environments or by high-risk users. No effective workaround exists as the vulnerability is in baseband firmware processing mandatory LTE protocol traffic; disabling cellular connectivity would eliminate attack surface but defeats device functionality. Organizations concerned about targeted attacks could implement network-level monitoring for anomalous cellular traffic patterns or limit high-risk users to devices with confirmed patched firmware.
EUVD-2025-209247