CVE-2024-39343

HIGH

7.0

Description

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.

CVE Details

CVSS v3.1 Score7.0

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Attack VectorNETWORK

ComplexityHIGH

Privileges RequiredNONE

User InteractionNONE

Published12/2/2024

Last Modified7/1/2025

Sourcenvd

Honeypot Sightings0

Affected Products

samsung:exynos_1280samsung:exynos_1280_firmwaresamsung:exynos_1330samsung:exynos_1330_firmwaresamsung:exynos_1380samsung:exynos_1380_firmwaresamsung:exynos_1480samsung:exynos_1480_firmwaresamsung:exynos_2100samsung:exynos_2100_firmwaresamsung:exynos_2400samsung:exynos_2400_firmwaresamsung:exynos_9110samsung:exynos_9110_firmwaresamsung:exynos_modem_5123samsung:exynos_modem_5123_firmwaresamsung:exynos_modem_5300samsung:exynos_modem_5300_firmware

Weaknesses (CWE)

CWE-1284

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/(cve@mitre.org)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.