CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Description
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes.
Analysis
A baseband denial-of-service vulnerability in Samsung Exynos chipsets (980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, 5300, 5400) allows remote attackers to crash mobile device basebands via malformed LTE MAC packets without authentication. The vulnerability affects the L2 layer processing of MAC Control Elements, enabling network-based attacks against cellular connectivity. The EPSS score of 0.02% indicates a low observed exploitation probability, and no public exploit had been identified at the time of analysis, though the CVSS score of 9.1 reflects the severity of remotely disrupting critical cellular communications infrastructure.
Technical Context
This vulnerability resides in the Layer 2 (data link layer) implementation of Samsung Exynos chipsets' baseband processors, specifically in the LTE Medium Access Control (MAC) protocol handler. The MAC layer manages resource allocation and multiplexing for LTE communications through Control Elements (CEs) that carry control information alongside user data. The flaw stems from incorrect handling when processing MAC packets containing an excessive number of MAC CEs, triggering a resource exhaustion condition (CWE-400: Uncontrolled Resource Consumption). When the baseband processor encounters these malformed packets, it fails to properly validate or limit the number of CEs being processed, leading to memory exhaustion, buffer overflows, or state corruption that crashes the baseband subsystem. This affects both mobile processors and standalone modems across Samsung's Exynos product line, impacting devices' ability to maintain cellular network connectivity. The baseband operates independently from the application processor, so crashes at this level can cause complete loss of cellular functionality requiring device reboot.
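The bound described above as missing, shown as an added example (not Samsung's baseband code and not taken from the advisory): a header walk that caps the number of CEs and checks every declared size against the buffer before any payload is processed. The subheader layout and LCID values assume the basic R/R/E/LCID DL-SCH format of 3GPP TS 36.321; `MAX_CES`, `mac_check_pdu` and the error codes are hypothetical names chosen here.

```c
#include <stddef.h>
#include <stdint.h>
#define MAX_CES 8  /* hypothetical per-PDU cap, chosen for this example */
enum { PDU_OK = 0, PDU_TRUNCATED = -1, PDU_TOO_MANY = -2, PDU_BAD_LCID = -3 };

/* Payload size of a fixed-size DL-SCH control element, -1 if not a CE. */
static int ce_size(uint8_t lcid) {
    switch (lcid) {
    case 0x1B: return 1;  /* Activation/Deactivation */
    case 0x1C: return 6;  /* UE Contention Resolution Identity */
    case 0x1D: return 1;  /* Timing Advance Command */
    case 0x1E: return 0;  /* DRX Command */
    default:   return -1;
    }
}

/* Walk every subheader before touching payload; reject on any violation. */
int mac_check_pdu(const uint8_t *pdu, size_t len, unsigned *n_ce) {
    size_t off = 0, payload = 0;
    unsigned ces = 0, more = 1;
    while (more) {
        if (off >= len) return PDU_TRUNCATED;
        uint8_t h = pdu[off++], lcid = h & 0x1F;
        int sz = ce_size(lcid);
        more = (h >> 5) & 1;                       /* E bit: another subheader follows */
        if (sz >= 0) {
            if (++ces > MAX_CES) return PDU_TOO_MANY;  /* bound the CE count */
            payload += (size_t)sz;
        } else if (lcid <= 0x0A && more) {         /* non-last SDU carries F/L */
            if (off >= len) return PDU_TRUNCATED;
            size_t l = pdu[off] & 0x7F;
            if (pdu[off++] & 0x80) {               /* F=1: 15-bit length field */
                if (off >= len) return PDU_TRUNCATED;
                l = (l << 8) | pdu[off++];
            }
            payload += l;
        } else if (lcid > 0x0A && lcid != 0x1F) {  /* neither SDU nor padding */
            return PDU_BAD_LCID;
        }
    }
    if (payload > len - off) return PDU_TRUNCATED; /* declared sizes must fit */
    *n_ce = ces;
    return PDU_OK;
}

int main(void) {  /* constructed sample: Timing Advance CE + one SDU */
    const uint8_t pdu[] = {0x3D, 0x01, 0x05, 0xAA, 0xBB};
    unsigned n = 0;
    return mac_check_pdu(pdu, sizeof pdu, &n) == PDU_OK ? 0 : 1;
}
```

The point of the structure is ordering: the count and length checks complete over the whole header before any CE handler runs, so a rejected PDU never reaches per-CE state or allocation.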
Affected Products
The vulnerability affects Samsung Exynos mobile processor models 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, and 2500; Samsung Exynos wearable processors W920, W930, and W1000; Samsung Exynos automotive processor 9110; and Samsung Exynos standalone modems 5123, 5300, and 5400. These chipsets are used across Samsung Galaxy smartphones, Galaxy Watch devices, and various OEM products incorporating Samsung modem technology. The CPE data is generic (cpe:2.3:a:n/a:n/a) and version information is listed as 'n/a', indicating Samsung has not published granular firmware version details. Affected devices span multiple product generations released between approximately 2019 and 2024. Complete product security information and affected device lists are available in Samsung Semiconductor's official advisory at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58349/.
Remediation
Users should apply firmware updates provided by device manufacturers (Samsung and OEMs using Exynos chipsets) as they become available through standard device update mechanisms. Samsung has published security advisory details at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58349/, though specific patched firmware versions are not publicly disclosed in available data. Device owners should check Settings > Software Update (or the equivalent on their specific device) and install all available system updates. For enterprise deployments, administrators should monitor vendor security bulletins and prioritize updates for devices used in sensitive environments or by high-risk users. No effective workaround exists, because the vulnerability is in baseband firmware that processes mandatory LTE protocol traffic; disabling cellular connectivity would eliminate the attack surface but defeats device functionality. Organizations concerned about targeted attacks could implement network-level monitoring for anomalous cellular traffic patterns or limit high-risk users to devices with confirmed patched firmware.
EUVD-2025-209247