CVE-2024-28818

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*

History

27 Jun 2024, 16:43

Type Values Removed Values Added
CWE NVD-CWE-noinfo
First Time Samsung exynos 1280 Firmware
Samsung exynos 2400 Firmware
Samsung exynos 2400
Samsung exynos 2100
Samsung exynos 1080
Samsung exynos 1380 Firmware
Samsung exynos 1330 Firmware
Samsung exynos Modem 5123 Firmware
Samsung exynos Modem 5300 Firmware
Samsung exynos 1080 Firmware
Samsung
Samsung exynos 2200 Firmware
Samsung exynos Modem 5123
Samsung exynos 1330
Samsung exynos Modem 5300
Samsung exynos 2200
Samsung exynos 1380
Samsung exynos 2100 Firmware
Samsung exynos 980
Samsung exynos 990 Firmware
Samsung exynos 990
Samsung exynos 980 Firmware
Samsung exynos 1280
CVSS v2 : unknown
v3 : 5.9
v2 : unknown
v3 : 7.5
CPE cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory

25 Jun 2024, 20:15

Type Values Removed Values Added
Summary (en) An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information. (en) An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information.

06 Jun 2024, 14:17

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema en el procesador móvil, el procesador portátil, el procesador automotriz y el módem Samsung Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Módem 5123, Módem 5300, y Auto T5123. El software de banda base no verifica adecuadamente los estados especificados por el módulo RRC (Control de recursos de radio). Esto puede dar lugar a la divulgación de información confidencial.

05 Jun 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-05 19:15

Updated : 2024-06-27 16:43


NVD link : CVE-2024-28818

Mitre link : CVE-2024-28818

CVE.ORG link : CVE-2024-28818


JSON object : View

Products Affected

samsung

  • exynos_2100
  • exynos_2100_firmware
  • exynos_modem_5123_firmware
  • exynos_2400_firmware
  • exynos_2200_firmware
  • exynos_modem_5300_firmware
  • exynos_1280
  • exynos_980_firmware
  • exynos_1380
  • exynos_1330_firmware
  • exynos_2400
  • exynos_modem_5123
  • exynos_990
  • exynos_990_firmware
  • exynos_1080_firmware
  • exynos_1080
  • exynos_2200
  • exynos_1330
  • exynos_980
  • exynos_modem_5300
  • exynos_1380_firmware
  • exynos_1280_firmware