Lucene search

[email protected]NVD:CVE-2023-26497

HistoryMar 21, 2023 - 10:15 p.m.

CVE-2023-26497

2023-03-2122:15:12

CWE-787

[email protected]

web.nvd.nist.gov

samsung baseband modem

memory corruption

session description negotiation

video configuration attribute

exynos modem

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.002

Percentile

54.7%

JSON

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute.

Affected configurations

Nvd

Node

samsungexynos_modem_5300_firmwareMatch-

AND

samsungexynos_modem_5300Match-

Node

samsungexynos_modem_5123_firmwareMatch-

AND

samsungexynos_modem_5123Match-

Node

samsungexynos_980_firmwareMatch-

AND

samsungexynos_980Match-

Node

samsungexynos_1080_firmwareMatch-

AND

samsungexynos_1080Match-

Node

samsungexynos_auto_t5123_firmwareMatch-

AND

samsungexynos_auto_t5123Match-

VendorProductVersionCPE
samsungexynos_modem_5300_firmware-cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
samsungexynos_modem_5300-cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
samsungexynos_modem_5123_firmware-cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
samsungexynos_modem_5123-cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
samsungexynos_980_firmware-cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
samsungexynos_980-cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
samsungexynos_1080_firmware-cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
samsungexynos_1080-cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
samsungexynos_auto_t5123_firmware-cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
samsungexynos_auto_t5123-cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	exynos_modem_5300_firmware	-	cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:::::::*
samsung	exynos_modem_5300	-	cpe:2.3:h:samsung:exynos_modem_5300:-:::::::*
samsung	exynos_modem_5123_firmware	-	cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:::::::*
samsung	exynos_modem_5123	-	cpe:2.3:h:samsung:exynos_modem_5123:-:::::::*
samsung	exynos_980_firmware	-	cpe:2.3:o:samsung:exynos_980_firmware:-:::::::*
samsung	exynos_980	-	cpe:2.3:h:samsung:exynos_980:-:::::::*
samsung	exynos_1080_firmware	-	cpe:2.3:o:samsung:exynos_1080_firmware:-:::::::*
samsung	exynos_1080	-	cpe:2.3:h:samsung:exynos_1080:-:::::::*
samsung	exynos_auto_t5123_firmware	-	cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:::::::*
samsung	exynos_auto_t5123	-	cpe:2.3:h:samsung:exynos_auto_t5123:-:::::::*

References

semiconductor.samsung.com/processor/mobile-processor/

semiconductor.samsung.com/processor/modem/

semiconductor.samsung.com/support/quality-support/product-security-updates/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.002

Percentile

54.7%

JSON

Related for NVD:CVE-2023-26497

cve1 cvelist1 prion1 googleprojectzero1