Published: 13/03/2023 Updated: 04/05/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samsung exynos_modem_5300_firmware -
samsung exynos_modem_5123_firmware -
samsung exynos_980_firmware -
samsung exynos_1080_firmware -
samsung exynos_auto_t5123_firmware -

Google: Turn off Wi-Fi calling, VoLTE to protect your Android from Samsung hijack bugs

The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Four flaws open mobiles, cars to remote-control at baseband level with just a phone number

Google security analysts have warned Android device users that several zero-day vulnerabilities in some Samsung chipsets could allow an attacker to completely hijack and remote-control their handsets knowing just the phone number. Between late 2022 and early this year, Google's Project Zero found and reported 18 of these bugs in Samsung's Exynos cellular modem firmware, according to Tim Willis, who heads the bug-hunting team. Four of the 18 zero-day flaws can allow internet-to-baseband remote co...

CVE-2023-24033

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect