CVE-2023-50807

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-50807
A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
History

26 Jun 2025, 20:55

Type Values Removed Values Added
CPE cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ - Vendor Advisory
First Time Samsung exynos Modem 5123 Firmware
Samsung exynos Modem 5300
Samsung exynos Modem 5123
Samsung
Samsung exynos 9110 Firmware
Samsung exynos Modem 5300 Firmware
Samsung exynos 9110

21 Nov 2024, 08:37

Type Values Removed Values Added
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ -
References () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ - () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50807/ -

11 Jul 2024, 15:05

Type Values Removed Values Added
CWE CWE-787

11 Jul 2024, 13:06

Type Values Removed Values Added
Summary
  • (es) Se descubrió una vulnerabilidad en los procesadores y módems portátiles Samsung con versiones Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 que permite una escritura fuera de los límites en el montón en 2G (sin autenticación).

09 Jul 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-09 19:15

Updated : 2025-06-26 20:55

NVD link : CVE-2023-50807

Mitre link : CVE-2023-50807

CVE.ORG link : CVE-2023-50807

JSON object : View

Products Affected

samsung

  • exynos_modem_5300
  • exynos_9110
  • exynos_modem_5300_firmware
  • exynos_9110_firmware
  • exynos_modem_5123_firmware
  • exynos_modem_5123
CWE
CWE-787

Out-of-bounds Write