Nr15

Privilege escalation in Modem affects Nr17, Lr13, Nr16, Lr12a, and Nr15 devices through an out-of-bounds write vulnerability triggered when connecting to a rogue base station. An attacker controlling a malicious base station can achieve remote code execution and full system compromise without requiring additional privileges or user interaction beyond initial network connection. No patch is currently available for this high-severity vulnerability.

Improper input validation in Modem firmware (Nr16, Nr15, Nr17r, Nr17) enables remote denial of service attacks when devices connect to attacker-controlled base stations. An unauthenticated attacker can trigger a system crash without user interaction or special privileges. No patch is currently available for this vulnerability.

The Nr15 modem is susceptible to a denial-of-service attack through improper input validation when connecting to a rogue base station, allowing an attacker to trigger a system crash without requiring user interaction or special privileges. An unauthenticated attacker within radio proximity can exploit this vulnerability to render affected modems unresponsive. No patch is currently available for this issue.

Improper error handling in the modem component of Nr15, Nr16, and Nr17 devices enables denial of service attacks when a device connects to an attacker-controlled base station. An unauthenticated remote attacker can trigger a system crash without user interaction, and no patch is currently available. The vulnerability affects all Nr-series products with a CVSS score of 6.5.

Nr15 versions up to - is affected by allocation of resources without limits or throttling (CVSS 6.5).

A missing bounds check in the Modem component affecting Nr17r, Nr16, Nr15, and Nr17 devices enables remote denial of service attacks when a user connects to an attacker-controlled base station, causing system crashes without requiring user interaction or elevated privileges. The vulnerability allows unauthenticated attackers on the same network segment to crash affected devices remotely. No patch is currently available for this vulnerability.

Denial of service attacks against Nr15, Nr16, and Nr17 modems are possible through improper input validation when a device connects to an attacker-controlled base station. An unauthenticated attacker can trigger a system crash without requiring user interaction or special privileges. No patch is currently available for this vulnerability.

Modem firmware versions Nr15, Nr16, Nr17, and Nr17r are susceptible to denial of service attacks due to insufficient bounds checking in memory operations. An attacker controlling a rogue base station can trigger a system crash on connected devices without requiring authentication or user interaction. No patch is currently available for this vulnerability.

The Nr15 Modem lacks proper input validation in message handling, allowing an attacker controlling a rogue base station to trigger a denial of service condition and crash the system without requiring user interaction or special privileges. This vulnerability affects any device connecting to the compromised base station and currently lacks a vendor patch.

Nr15 modem suffers from an uncaught exception vulnerability that allows remote attackers to trigger a denial of service by connecting a device to a malicious base station. No special privileges or user interaction are required to exploit this network-based flaw. A patch is not currently available.

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. [CVSS 6.5 MEDIUM]

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. [CVSS 6.5 MEDIUM]

Nr15 versions up to - is affected by improper check for unusual or exceptional conditions (CVSS 6.5).

In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. [CVSS 6.5 MEDIUM]

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01677581; Issue ID: MSV-4701.

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650.

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673755; Issue ID: MSV-4647.

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673751; Issue ID: MSV-4644.

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.

In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00628396; Issue ID: MSV-4775.

In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840.

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689252; Issue ID: MSV-4841.

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301.

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297.

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661199; Issue ID: MSV-4296.

In Modem, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

In Modem, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

In ims service, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

In Modem, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.

In Modem, there is a possible information disclosure due to incorrect error handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible system crash due to an uncaught exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible system crash due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible memory corruption due to incorrect error handling. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible system crash due to a logic error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

In Modem, there is a possible system crash due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.