1. Home
  2. CVE Database
  3. CVE-2023-37368
MEDIUM · 5.9

CVE-2023-37368

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 98...

Vulnerability Description

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
SamsungExynos 9810 Firmware-
SamsungExynos 9810-
SamsungExynos 9610 Firmware-
SamsungExynos 9610-
SamsungExynos 9820 Firmware-
SamsungExynos 9820-
SamsungExynos 980 Firmware-
SamsungExynos 980-
SamsungExynos 850 Firmware-
SamsungExynos 850-
SamsungExynos 1080 Firmware-
SamsungExynos 1080-
SamsungExynos 2100 Firmware-
SamsungExynos 2100-
SamsungExynos 2200 Firmware-
SamsungExynos 2200-
SamsungExynos 1280 Firmware-
SamsungExynos 1280-
SamsungExynos 1380 Firmware-
SamsungExynos 1380-

Related Weaknesses (CWE)

CWE-476

References

FAQ

What is CVE-2023-37368?

CVE-2023-37368 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 98...

How severe is CVE-2023-37368?

CVE-2023-37368 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-37368?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 9810 Firmware, Samsung Exynos 9810, Samsung Exynos 9610 Firmware, Samsung Exynos 9610, Samsung Exynos 9820 Firmware.