Vulnerability Description
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Exynos 1080 Firmware | - |
| Samsung | Exynos 1080 | - |
| Samsung | Exynos 1280 Firmware | - |
| Samsung | Exynos 1280 | - |
| Samsung | Exynos 1330 Firmware | - |
| Samsung | Exynos 1330 | - |
| Samsung | Exynos 1380 Firmware | - |
| Samsung | Exynos 1380 | - |
| Samsung | Exynos 1480 Firmware | - |
| Samsung | Exynos 1480 | - |
| Samsung | Exynos 2200 Firmware | - |
| Samsung | Exynos 2200 | - |
| Samsung | Exynos 2400 Firmware | - |
| Samsung | Exynos 2400 | - |
| Samsung | Exynos 850 Firmware | - |
| Samsung | Exynos 850 | - |
| Samsung | Exynos 980 Firmware | - |
| Samsung | Exynos 980 | - |
| Samsung | Exynos 990 Firmware | - |
| Samsung | Exynos 990 | - |
Related Weaknesses (CWE)
References
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
FAQ
What is CVE-2024-56426?
CVE-2024-56426 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to ...
How severe is CVE-2024-56426?
CVE-2024-56426 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-56426?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 1080 Firmware, Samsung Exynos 1080, Samsung Exynos 1280 Firmware, Samsung Exynos 1280, Samsung Exynos 1330 Firmware.