CVE-2023-26075
Description
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An intra-object overflow in the 5G MM message codec of multiple Exynos chipsets enables denial of service or memory corruption via a crafted Service Area List.
Vulnerability
An intra-object overflow vulnerability exists in the 5G Mobility Management (MM) message codec used by Samsung Exynos chipsets, including Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123 [1][4]. The overflow occurs when decoding the Service Area List due to insufficient parameter validation [1]. This flaw is one of fourteen less severe issues reported by Google Project Zero, which still require either a malicious mobile network operator or an attacker with local access to the device [4].
Exploitation
Exploitation requires either a rogue mobile network operator (MNO) capable of injecting malicious 5G NAS messages into the network, or an attacker with local access to the device [4]. The attacker sends a crafted Service Area List within a 5G MM message; the codec's lack of proper bounds checking when decoding the list allows the overflow to occur [1]. No user interaction is needed beyond the device being attached to the malicious network or the local attacker running the crafted input.
Impact
Successful exploitation leads to an intra-object overflow, which can corrupt memory within the modem's 5G message codec [1]. The result may be denial of service, or memory corruption that could potentially be leveraged for further compromise [4]. The attacker does not achieve remote code execution at the baseband level without additional research and development, but the overflow can still affect the availability or integrity of baseband operations.
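The parameter validation whose absence the Exploitation and Impact sections describe, sketched as a hardened list decoder. This is an added illustration, not Samsung's firmware code and not the 3GPP wire encoding: the struct layout, the one-byte count format, `MAX_TAIS` and all names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_TAIS 16             /* assumed capacity of the decoded object */

/* Constructed decoded-object layout: the array is followed by other fields,
 * so a write past tai[] stays inside the struct (an intra-object overflow)
 * and corrupts its neighbours without crossing an allocation boundary. */
struct service_area_list {
    uint8_t  count;
    uint8_t  tai[MAX_TAIS][3];  /* assumed 3-byte list elements */
    uint32_t state;             /* adjacent field at risk */
};

enum { SAL_OK = 0, SAL_TRUNCATED = -1, SAL_TOO_MANY = -2, SAL_LEN_MISMATCH = -3 };

/* Decode a simplified list: byte 0 = element count, then count * 3 bytes.
 * Every sender-controlled quantity is validated before anything is copied. */
int sal_decode(const uint8_t *buf, size_t len, struct service_area_list *out)
{
    if (buf == NULL || out == NULL || len < 1)
        return SAL_TRUNCATED;

    size_t n = buf[0];
    if (n > MAX_TAIS)           /* count vs. destination capacity */
        return SAL_TOO_MANY;
    if (len - 1 < n * 3)        /* count vs. bytes actually received */
        return SAL_TRUNCATED;
    if (len - 1 != n * 3)       /* reject trailing bytes */
        return SAL_LEN_MISMATCH;

    memcpy(out->tai, buf + 1, n * 3);
    out->count = (uint8_t)n;
    return SAL_OK;
}

int main(void)
{
    /* Constructed sample: claims 17 elements, one more than tai[] can hold. */
    uint8_t msg[1 + 3 * 17] = { 17 };
    struct service_area_list s = { .state = 0xA5A5A5A5u };
    int rc = sal_decode(msg, sizeof msg, &s);
    printf("rc=%d state=0x%08X\n", rc, (unsigned)s.state);
    return rc == SAL_TOO_MANY ? 0 : 1;
}
```

The capacity check is the one that matters for this bug class: without it, the copy for a count above `MAX_TAIS` would run into `state` while staying inside the struct, which allocator-level guards do not observe.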
Mitigation
Samsung Semiconductor has not publicly released a specific firmware patch for CVE-2023-26075 as of the publication date; however, affected device vendors (e.g., Google, Samsung Mobile) typically include baseband fixes in their monthly security updates, such as the March 2023 update for Pixel devices [4]. Users should apply the latest security updates from their device manufacturer. No workaround is available; the vulnerability is inherent to the modem firmware's message parsing logic [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Samsung/Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/171387/Shannon-Baseband-NrmmMsgCodec-Intra-Object-Overflow.html (mitre)
- bugs.chromium.org/p/project-zero/issues/detail (mitre)
- googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html (mitre)
- semiconductor.samsung.com/processor/mobile-processor/ (mitre)
- semiconductor.samsung.com/processor/modem/ (mitre)
- semiconductor.samsung.com/support/quality-support/product-security-updates/ (mitre)