CVE-2024-52923

CVE-2024-52923 is a vulnerability in the NRMM component of various Samsung Exynos processors and modems, including Mobile Processor and Wearable Processor models Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, as well as Modem 5123, Modem 5300, and Modem 5400. The issue stems from a lack of boundary check during the decoding of DL NAS Transport messages, which can lead to a denial of service. It has a CVSS v3.1 base score of 7.5, associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer).

The vulnerability is exploitable over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N), and results in high-impact availability disruption (A:H) without affecting confidentiality or integrity. Remote attackers can trigger the denial of service by sending specially crafted DL NAS Transport messages to affected devices, potentially disrupting modem or processor functionality in Samsung devices relying on these Exynos components.

Samsung has published product security updates addressing this issue at https://semiconductor.samsung.com/support/quality-support/product-security-updates/. Security practitioners should consult this advisory for patch availability and apply updates to vulnerable Exynos-based devices.