CVE-2024-39890 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 74%

Affected Products (NVD)

Vendor	Product	Version
samsung	exynos_modem_5123_firmware	-
samsung	exynos_modem_5300_firmware	-
samsung	exynos_9820_firmware	-
samsung	exynos_9825_firmware	-
samsung	exynos_980_firmware	-
samsung	exynos_990_firmware	-
samsung	exynos_850_firmware	-
samsung	exynos_1080_firmware	-
samsung	exynos_2100_firmware	-
samsung	exynos_1280_firmware	-
samsung	exynos_2200_firmware	-
samsung	exynos_1330_firmware	-
samsung	exynos_1380_firmware	-
samsung	exynos_1480_firmware	-
samsung	exynos_2400_firmware	-
samsung	exynos_9110_firmware	-
samsung	exynos_w920_firmware	-
samsung	exynos_w930_firmware	-
samsung	exynos_w1000_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/