Samsung Products Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, remote code execution, denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.
Note:
CVE-2024-53104 is being exploited in the wild. Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege. Since the exploitation requires physical connection to malicious hardware, the risk level remains Medium.
Impact
- Denial of Service
- Elevation of Privilege
- Information Disclosure
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400
- Galaxy Watch running Android Watch 14
- Samsung mobile devices running Android 13, 14, 15
For affected products, please refer to the link below:
https://security.samsungmobile.com/securityUpdate.smsb
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Solutions
Before installation of the software, please visit the vendor website for more details.
- Apply fixes issued by the vendor:
https://security.samsungmobile.com/securityUpdate.smsb
https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Vulnerability Identifier
- CVE-2023-21125
- CVE-2024-0032
- CVE-2024-20141
- CVE-2024-20142
- CVE-2024-38404
- CVE-2024-38420
- CVE-2024-39441
- CVE-2024-43090
- CVE-2024-43093
- CVE-2024-43705
- CVE-2024-45569
- CVE-2024-46973
- CVE-2024-47892
- CVE-2024-49196
- CVE-2024-49198
- CVE-2024-49728
- CVE-2024-49740
- CVE-2024-49832
- CVE-2024-49833
- CVE-2024-49834
- CVE-2024-49839
- CVE-2024-50600
- CVE-2024-52923
- CVE-2024-52924
- CVE-2024-52935
- CVE-2024-53104
- CVE-2025-0015
- CVE-2025-0074
- CVE-2025-0075
- CVE-2025-0078
- CVE-2025-0079
- CVE-2025-0080
- CVE-2025-0081
- CVE-2025-0082
- CVE-2025-0083
- CVE-2025-0084
- CVE-2025-0086
- CVE-2025-0087
- CVE-2025-0088
- CVE-2025-0092
- CVE-2025-0093
- CVE-2025-20635
- CVE-2025-20636
- CVE-2025-20903
- CVE-2025-20908
- CVE-2025-20909
- CVE-2025-20910
- CVE-2025-20911
- CVE-2025-20912
- CVE-2025-22403
- CVE-2025-22404
- CVE-2025-22405
- CVE-2025-22406
- CVE-2025-22407
- CVE-2025-22408
- CVE-2025-22409
- CVE-2025-22410
- CVE-2025-22411
- CVE-2025-22412
- CVE-2025-22414
- CVE-2025-22415
- CVE-2025-26417
沒有留言:
發佈留言