CVE-2023-31114
Description
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Incorrect resource transfer in Samsung Exynos Modem 5123/5300 Shannon RCS allows a crafted app to query SIM status.
Vulnerability
The Shannon RCS component in Samsung Exynos Modem 5123 and 5300 contains an incorrect resource transfer between spheres vulnerability. This allows a crafted application to unintentionally query the SIM status. The affected versions are Exynos Modem 5123 and 5300.
Exploitation
An attacker needs to install a crafted application on the device. No additional authentication or network position is required beyond the ability to run the malicious app. The application exploits the incorrect resource transfer to query SIM status.
Impact
Successful exploitation results in unauthorized querying of the SIM status, leading to information disclosure about the SIM card. The attacker gains access to SIM-related data without proper authorization.
Mitigation
Samsung has released security updates to address this issue. Users should apply the latest firmware updates from Samsung. Refer to the Samsung Product Security Update page [1] for details. No workaround is available.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Samsung/Exynos Modemdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.