CVE-2024-45183

An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/	Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-45183/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*

History

27 Oct 2025, 17:59

Type	Values Removed	Values Added
References	~~() https://semiconductor.samsung.com/support/quality-support/product-security-updates/ -~~	() https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
References	~~() https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-45183/ -~~	() https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-45183/ - Vendor Advisory
First Time		Samsung exynos 2100 Firmware Samsung exynos 2200 Samsung exynos 1330 Firmware Samsung exynos 1380 Samsung exynos 1480 Samsung exynos 2100 Samsung exynos 1330 Samsung exynos 2400 Firmware Samsung exynos 1480 Firmware Samsung exynos 2200 Firmware Samsung exynos 1280 Samsung exynos 1380 Firmware Samsung exynos 1280 Firmware Samsung Samsung exynos 2400
CPE		cpe:2.3:h:samsung:exynos_2400:-:::::::* cpe:2.3:h:samsung:exynos_1480:-:::::::* cpe:2.3:o:samsung:exynos_2200_firmware:-:::::::* cpe:2.3:h:samsung:exynos_2100:-:::::::* cpe:2.3:h:samsung:exynos_1330:-:::::::* cpe:2.3:h:samsung:exynos_1280:-:::::::* cpe:2.3:o:samsung:exynos_1380_firmware:-:::::::* cpe:2.3:o:samsung:exynos_2100_firmware:-:::::::* cpe:2.3:o:samsung:exynos_1330_firmware:-:::::::* cpe:2.3:o:samsung:exynos_1480_firmware:-:::::::* cpe:2.3:h:samsung:exynos_1380:-:::::::* cpe:2.3:h:samsung:exynos_2200:-:::::::* cpe:2.3:o:samsung:exynos_2400_firmware:-:::::::* cpe:2.3:o:samsung:exynos_1280_firmware:-:::::::*

05 Aug 2025, 14:34

Type	Values Removed	Values Added
Summary		(es) Se descubrió un problema en Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480 y 2400. La falta de una verificación de longitud de JPEG provoca una escritura fuera de los límites.

04 Aug 2025, 20:15

Type	Values Removed	Values Added
CWE		CWE-787
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

04 Aug 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-04 18:15

Updated : 2025-10-27 17:59

NVD link : CVE-2024-45183

Mitre link : CVE-2024-45183

CVE.ORG link : CVE-2024-45183

JSON object : View

Products Affected

samsung

exynos_1280_firmware
exynos_2400
exynos_2400_firmware
exynos_2200_firmware
exynos_1330
exynos_1380_firmware
exynos_1380
exynos_1280
exynos_2100_firmware
exynos_2200
exynos_1480
exynos_1480_firmware
exynos_1330_firmware
exynos_2100

CWE

CWE-787

Out-of-bounds Write

6.5 /10