CVE-2023-31115

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application...

CVE-2021-41946

In FiberHome VDSL2 Modem HG150-UbV3.0, a stored cross-site scripting XSS vulnerability in Parental Control -- Access Time Restriction -- Username field, a user cannot delete the rule due to the XSS...

CVE-2022-26446

In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 CMAS message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883;...

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

CVE-2019-20032

An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem...

CVE-2019-20605

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 May 2019...

CVE-2020-10835

An issue was discovered on Samsung mobile devices with any before February 2020 for Exynos modem chipsets software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 February 2020...

CVE-2023-29088

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP...

CVE-2023-49927

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...

CVE-2022-26079

Improper conditions check in some IntelR XMMTM 7560 Modem software before version M27560R01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2023-43478

fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet...

CVE-2022-33270

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message...

CVE-2022-33229

Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets...

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet...

CVE-2022-33222

Information disclosure due to buffer over-read while parsing DNS response packets in Modem...

CVE-2024-39890

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC Call...

CVE-2025-20794

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

CVE-2025-20761

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...