CVE-2024-56427

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-56427
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the target.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56427/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:samsung:exynos_w1000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w1000:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5400:-:*:*:*:*:*:*:*
History

01 Jul 2025, 15:00

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-14 21:15

Updated : 2025-07-01 15:00

NVD link : CVE-2024-56427

Mitre link : CVE-2024-56427

CVE.ORG link : CVE-2024-56427

JSON object : View

Products Affected

samsung

  • exynos_1080
  • exynos_850_firmware
  • exynos_modem_5400
  • exynos_1380_firmware
  • exynos_1080_firmware
  • exynos_2400
  • exynos_850
  • exynos_2100_firmware
  • exynos_1480
  • exynos_1280_firmware
  • exynos_990
  • exynos_2400_firmware
  • exynos_1280
  • exynos_modem_5300
  • exynos_1380
  • exynos_w1000_firmware
  • exynos_modem_5123_firmware
  • exynos_2200
  • exynos_w930_firmware
  • exynos_9110
  • exynos_9110_firmware
  • exynos_w1000
  • exynos_modem_5300_firmware
  • exynos_980_firmware
  • exynos_980
  • exynos_990_firmware
  • exynos_1330
  • exynos_w930
  • exynos_2100
  • exynos_1480_firmware
  • exynos_w920
  • exynos_modem_5123
  • exynos_1330_firmware
  • exynos_w920_firmware
  • exynos_modem_5400_firmware
  • exynos_2200_firmware
CWE
CWE-125

Out-of-bounds Read