CVE-2023-37368

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-37368
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_9810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_9610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*
History

13 Sep 2023, 02:37

Type Values Removed Values Added
CWE CWE-476
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
References (MISC) https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - (MISC) https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
First Time Samsung exynos 9610
Samsung exynos W920
Samsung exynos 1080 Firmware
Samsung exynos Modem 5123
Samsung exynos 1330 Firmware
Samsung exynos 1280 Firmware
Samsung exynos 9610 Firmware
Samsung exynos 1080
Samsung exynos 9810 Firmware
Samsung exynos 2100 Firmware
Samsung exynos Modem 5300
Samsung exynos 1330
Samsung exynos Modem 5123 Firmware
Samsung exynos 2200
Samsung exynos 9110 Firmware
Samsung exynos 2100
Samsung exynos Modem 5300 Firmware
Samsung exynos W920 Firmware
Samsung exynos 1380
Samsung exynos 850
Samsung exynos 1380 Firmware
Samsung exynos 9110
Samsung exynos Auto T5123 Firmware
Samsung exynos 9820
Samsung exynos 980
Samsung exynos 9810
Samsung exynos 1280
Samsung
Samsung exynos 980 Firmware
Samsung exynos 2200 Firmware
Samsung exynos 9820 Firmware
Samsung exynos 850 Firmware
Samsung exynos Auto T5123
CPE cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*

08 Sep 2023, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-09-08 03:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-37368

Mitre link : CVE-2023-37368

CVE.ORG link : CVE-2023-37368

JSON object : View

Products Affected

samsung

  • exynos_1080_firmware
  • exynos_2200
  • exynos_2100_firmware
  • exynos_9810_firmware
  • exynos_850_firmware
  • exynos_modem_5123_firmware
  • exynos_modem_5123
  • exynos_9110
  • exynos_w920_firmware
  • exynos_980
  • exynos_9820
  • exynos_1280_firmware
  • exynos_1280
  • exynos_1380_firmware
  • exynos_850
  • exynos_w920
  • exynos_1380
  • exynos_9810
  • exynos_1080
  • exynos_2100
  • exynos_9610
  • exynos_1330
  • exynos_auto_t5123
  • exynos_1330_firmware
  • exynos_9610_firmware
  • exynos_9820_firmware
  • exynos_980_firmware
  • exynos_auto_t5123_firmware
  • exynos_9110_firmware
  • exynos_modem_5300
  • exynos_2200_firmware
  • exynos_modem_5300_firmware
CWE
CWE-476

NULL Pointer Dereference


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024