1. Home
  2. CVE Database
  3. CVE-2024-25074
MEDIUM · 5.9

CVE-2024-25074

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 138...

Vulnerability Description

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the SM (Session Management module), which can lead to Denial of Service (Untrusted Pointer Dereference).

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
SamsungExynos 9820 Firmware-
SamsungExynos 9820-
SamsungExynos 9825 Firmware-
SamsungExynos 9825-
SamsungExynos 980 Firmware-
SamsungExynos 980-
SamsungExynos 990 Firmware-
SamsungExynos 990-
SamsungExynos 850 Firmware-
SamsungExynos 850-
SamsungExynos 1080 Firmware-
SamsungExynos 1080-
SamsungExynos 2100 Firmware-
SamsungExynos 2100-
SamsungExynos 2200 Firmware-
SamsungExynos 2200-
SamsungExynos 1280 Firmware-
SamsungExynos 1280-
SamsungExynos 1380 Firmware-
SamsungExynos 1380-

Related Weaknesses (CWE)

CWE-763

References

FAQ

What is CVE-2024-25074?

CVE-2024-25074 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 138...

How severe is CVE-2024-25074?

CVE-2024-25074 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-25074?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 9820 Firmware, Samsung Exynos 9820, Samsung Exynos 9825 Firmware, Samsung Exynos 9825, Samsung Exynos 980 Firmware.