CVE-2025-54329

High CVSS: 7.5

An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message (including an SMS message) lacks bounds checking, which can lead to a heap overflow.

Vendor

Samsung

Product

Exynos 1280 Firmware

CWE

CWE-122

Yayın Tarihi

2025-11-04 17:16:22

Güncelleme

2025-11-07 12:56:18

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-122 Exynos 1280 Firmware HIGH Samsung 2025

Referanslar

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54329/

Benzer Kayıtlar

High

CVE-2026-21000

Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store…

Medium

CVE-2026-21001

Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privileg…

Medium

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to inst…

Medium

CVE-2026-21004

Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of serv…

High

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Sm…

Medium

CVE-2026-20992

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the back…