Vulnerability Description
The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Exynos Modem 5300 Firmware | - |
| Samsung | Exynos Modem 5300 | - |
| Samsung | Exynos Modem 5123 Firmware | - |
| Samsung | Exynos Modem 5123 | - |
| Samsung | Exynos 980 Firmware | - |
| Samsung | Exynos 980 | - |
| Samsung | Exynos 1080 Firmware | - |
| Samsung | Exynos 1080 | - |
| Samsung | Exynos Auto T5123 Firmware | - |
| Samsung | Exynos Auto T5123 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/172137/Shannon-Baseband-accept-type-SDP-Att
- https://semiconductor.samsung.com/processor/modem/Product
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
- http://packetstormsecurity.com/files/172137/Shannon-Baseband-accept-type-SDP-Att
- https://semiconductor.samsung.com/processor/modem/Product
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
FAQ
What is CVE-2023-24033?
CVE-2023-24033 is a vulnerability with a CVSS score of 7.5 (HIGH). The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol...
How severe is CVE-2023-24033?
CVE-2023-24033 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-24033?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos Modem 5300 Firmware, Samsung Exynos Modem 5300, Samsung Exynos Modem 5123 Firmware, Samsung Exynos Modem 5123, Samsung Exynos 980 Firmware.