CVE-2025-23097

Critical CVSS: 9.1

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.

Vendor

Product

CWE

Yayın Tarihi

2025-06-03 20:15:20

Güncelleme

2025-06-06 18:45:47

Source Identifier

cve@mitre.org

KEV Date Added

CWE-787 Exynos 1380 Firmware CRITICAL Samsung 2025

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-23097/

High

CVE-2026-21000

Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store…

Medium

CVE-2026-21001

Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privileg…

Medium

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to inst…

Medium

CVE-2026-21004

Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of serv…

High

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Sm…

Medium

CVE-2026-20992

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the back…