1. Home
  2. CVE Database
  3. CVE-2023-26076
HIGH · 7.6

CVE-2023-26076

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the ...

Vulnerability Description

An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.

CVSS Score

7.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
HIGH

Affected Products

VendorProductVersions
SamsungExynos 1280 Firmware-
SamsungExynos 1280-
SamsungExynos 2200 Firmware-
SamsungExynos 2200-
SamsungExynos Modem 5123 Firmware-
SamsungExynos Modem 5123-
SamsungExynos Modem 5300 Firmware-
SamsungExynos Modem 5300-
SamsungExynos Auto T5123 Firmware-
SamsungExynos Auto T5123-

Related Weaknesses (CWE)

CWE-120

References

FAQ

What is CVE-2023-26076?

CVE-2023-26076 is a vulnerability with a CVSS score of 7.6 (HIGH). An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the ...

How severe is CVE-2023-26076?

CVE-2023-26076 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-26076?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 1280 Firmware, Samsung Exynos 1280, Samsung Exynos 2200 Firmware, Samsung Exynos 2200, Samsung Exynos Modem 5123 Firmware.