Exynos baseband
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21517 | 0.01 | — | 0.02 | Jun 28, 2023 | Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | |||
| CVE-2023-21455 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message. | |||
| CVE-2022-39902 | 0.00 | — | 0.01 | Dec 8, 2022 | Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | |||
| CVE-2022-39901 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | |||
| CVE-2022-33719 | 0.00 | — | 0.00 | Aug 5, 2022 | Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow. |
- CVE-2023-21517Jun 28, 2023risk 0.01cvss —epss 0.02
Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.
- CVE-2023-21455Mar 16, 2023risk 0.00cvss —epss 0.00
Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.
- CVE-2022-39902Dec 8, 2022risk 0.00cvss —epss 0.01
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.
- CVE-2022-39901Dec 8, 2022risk 0.00cvss —epss 0.00
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
- CVE-2022-33719Aug 5, 2022risk 0.00cvss —epss 0.00
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.