CVE-2023-31116
Description
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Incorrect default permission in Samsung Exynos Modem's Shannon RCS component allows a crafted app to query RCS capability, leading to information disclosure.
Vulnerability
The vulnerability resides in the Shannon RCS component of Samsung Exynos Modem 5123 and 5300. An incorrect default permission allows a crafted application to query RCS capability without proper authorization. The affected versions are Exynos Modem 5123 and 5300.
Exploitation
An attacker must install a crafted application on the device. Due to the incorrect default permission, the application can query the RCS capability of the modem without requiring additional privileges or user interaction beyond installation.
Impact
Successful exploitation results in information disclosure: the attacker gains knowledge of the device's RCS capability. This is a confidentiality impact, as the attacker can obtain data that should be protected by permission checks.
Mitigation
No specific fix details are provided in the available reference [1]. Users should monitor Samsung's product security updates for a firmware patch addressing this issue.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Samsung/Exynos Modemdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.