CVE-2023-49927

EUVD-2023-53822
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
samsungexynos_9820_firmware
-
samsungexynos_9825_firmware
-
samsungexynos_980_firmware
-
samsungexynos_990_firmware
-
samsungexynos_850_firmware
-
samsungexynos_1080_firmware
-
samsungexynos_2100_firmware
-
samsungexynos_2200_firmware
-
samsungexynos_1280_firmware
-
samsungexynos_1380_firmware
-
samsungexynos_1330_firmware
-
samsungexynos_modem_5123_firmware
-
samsungexynos_modem_5300_firmware
-
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
samsungexynos_980
𝑥
≤ *
ADP
samsungexynos_990
𝑥
≤ *
ADP
samsungexynos_850
𝑥
≤ *
ADP
samsungexynos_1080
𝑥
≤ *
ADP
samsungexynos_2200
𝑥
≤ *
ADP
samsungexynos_1280
𝑥
≤ *
ADP
samsungexynos_1380
𝑥
≤ *
ADP
samsungexynos_1330
𝑥
≤ *
ADP
samsungexynos_9110
𝑥
≤ *
ADP
samsungexynos_w920
𝑥
≤ *
ADP
samsungexynos_modem_5123
𝑥
≤ *
ADP
samsungexynos_modem_5300
𝑥
≤ *
ADP
samsungexynos_2100
𝑥
≤ *
ADP
Common Weakness Enumeration
References
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
https://semiconductor.samsung.com/support/quality-support/product-security-updates/