Lucene search
K

119 matches found

Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.6 views

PT-2022-25523 · Samsung · Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A Memory Allocation with Excessive Size Value issue in the TEE Realloc function allows a trusted application to trigger a Denial of Service DoS by invoking the function TEE Realloc with a...

7.5CVSS7.5AI score0.00839EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.6 views

PT-2022-25519 · Samsung · Samsung Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A NULL pointer dereference issue in the TEE MACCompareFinal function allows a trusted application to trigger a Denial of Service DoS by invoking the TEE MACCompareFinal function with a NU...

7.5CVSS7.3AI score0.00839EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

SAMSUNG mTower 缓冲区错误漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a vulnerable buffer access with an incorrect length value in its TEEMACUpdate function that allows a trusted application ...

7.5CVSS7.5AI score0.01101EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

SAMSUNG mTower 缓冲区错误漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a buffer access in its TEEMACComputeFinal function with an incorrect length value vulnerability that allows a trusted...

7.5CVSS7.6AI score0.00839EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

SAMSUNG mTower 代码问题漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a vulnerable null pointer dereference in its TEEMACCompareFinal function that allows a trusted application to trigger a...

7.5CVSS7.3AI score0.00839EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

SAMSUNG mTower 输入验证错误漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability in SAMSUNG mTower versions prior to 0.3.0, which stems from an incorrect input validation vulnerability in its teeobjfree function, allows a trusted application to trigger a denial of...

7.5CVSS7.3AI score0.012EPSS
Exploits0References4
NVD
NVD
added 2022/09/05 4:15 a.m.22 views

CVE-2022-39829

There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...

7.5CVSS0.01068EPSS
Exploits1References3
NVD
NVD
added 2022/09/05 4:15 a.m.19 views

CVE-2022-39828

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...

7.5CVSS0.01068EPSS
Exploits1References3
NVD
NVD
added 2022/09/05 4:15 a.m.17 views

CVE-2022-39830

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...

7.5CVSS0.01068EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/09/05 4:15 a.m.8 views

CVE-2022-39829

There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...

7.5CVSS5.8AI score0.01068EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/09/05 4:15 a.m.3 views

CVE-2022-39830

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...

7.5CVSS5.8AI score0.01068EPSS
Exploits1References4
OSV
OSV
added 2022/09/05 4:15 a.m.16 views

CVE-2022-39828

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...

7.5CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2022/09/05 4:15 a.m.23 views

CVE-2022-39830

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...

7.5CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2022/09/05 4:15 a.m.20 views

CVE-2022-39829

There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...

7.5CVSS6.8AI score
Exploits0References3
Prion
Prion
added 2022/09/05 4:15 a.m.24 views

Denial of service

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...

5CVSS7.4AI score0.01068EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/09/05 4:15 a.m.22 views

Null pointer dereference

There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...

5CVSS7.5AI score0.01068EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/09/05 4:15 a.m.18 views

Denial of service

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...

5CVSS7.4AI score0.01068EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/09/05 3:43 a.m.21 views

CVE-2022-39828

signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...

7.6AI score0.01068EPSS
Exploits1References3
CVE
CVE
added 2022/09/05 3:43 a.m.65 views

CVE-2022-39828

CVE-2022-39828 affects Samsung mTower 0.3.0 and earlier. The root cause is a missing check on the return value of EC_KEY_set_private_key in the sign_pFwInfo function, which can lead to a denial-of-service. Impact is an availability disruption; exploitation details are not provided in the document...

7.5CVSS7.4AI score0.01068EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/09/05 3:43 a.m.68 views

CVE-2022-39829

Samsung mTower 0.3.0 and earlier has a NULL pointer dereference in aes256_encrypt caused by a missing check of EVP_CIPHER_CTX_new. CVE-2022-39829 affects the module in the Trusted Execution Environment and is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Connected sources confirm th...

7.5CVSS7.4AI score0.01068EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder