CVE-2024-27362 — MEDIUM (4.4)

Vulnerability Description

A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure.

CVSS Score

4.4

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Samsung	Exynos 1280 Firmware	-
Samsung	Exynos 1280	-
Samsung	Exynos 2200 Firmware	-
Samsung	Exynos 2200	-
Samsung	Exynos 1330 Firmware	-
Samsung	Exynos 1330	-
Samsung	Exynos 1380 Firmware	-
Samsung	Exynos 1380	-
Samsung	Exynos 2400 Firmware	-
Samsung	Exynos 2400	-

Related Weaknesses (CWE)

CWE-1284 CWE-200

References

https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory

FAQ

What is CVE-2024-27362?

CVE-2024-27362 is a vulnerability with a CVSS score of 4.4 (MEDIUM). A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead ...

How severe is CVE-2024-27362?

CVE-2024-27362 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-27362?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 1280 Firmware, Samsung Exynos 1280, Samsung Exynos 2200 Firmware, Samsung Exynos 2200, Samsung Exynos 1330 Firmware.