fkie_nvd - fkie_cve-2024-56426

fkie_cve-2024-56426

Vulnerability from fkie_nvd

Published

2025-11-04 21:15

Modified

2025-11-07 12:59

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.

References

	URL	Tags
	cve@mitre.org	https://semiconductor.samsung.com/support/quality-support/product-security-updates/	Vendor Advisory
	cve@mitre.org	https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56426/	Vendor Advisory

Impacted products

Vendor	Product	Version
samsung	exynos_1080_firmware	-
samsung	exynos_1080	-
samsung	exynos_1280_firmware	-
samsung	exynos_1280	-
samsung	exynos_1330_firmware	-
samsung	exynos_1330	-
samsung	exynos_1380_firmware	-
samsung	exynos_1380	-
samsung	exynos_1480_firmware	-
samsung	exynos_1480	-
samsung	exynos_2200_firmware	-
samsung	exynos_2200	-
samsung	exynos_2400_firmware	-
samsung	exynos_2400	-
samsung	exynos_850_firmware	-
samsung	exynos_850	-
samsung	exynos_980_firmware	-
samsung	exynos_980	-
samsung	exynos_990_firmware	-
samsung	exynos_990	-
samsung	exynos_2100_firmware	-
samsung	exynos_2100	-
samsung	exynos_w1000_firmware	-
samsung	exynos_w1000	-
samsung	exynos_w920_firmware	-
samsung	exynos_w920	-
samsung	exynos_w930_firmware	-
samsung	exynos_w930	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43DE4D6F-D662-46F2-93BC-9AE950320BDE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE06CD56-8BFD-4208-843A-179E3E6F5C10",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64897B0D-EBF6-4BEB-BF54-ABCDBFAB45E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F328B4-0442-4748-B5EE-DD1CEE50D6CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C0D9AC-BD23-48C9-83E7-301DEC06E583",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A72ADEBB-ED72-4A5B-BB27-95EDE43F8116",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_2400_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16D9272E-1794-48FF-B6A4-8F48395BA38E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_2400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "932F5FB3-5527-44D7-9DD9-EF03963E3CA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_990_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF6C91D-DECE-4630-85FE-C22EF2B9160A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_990:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FE8214-E165-4874-BB5A-3C4298708039",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_w1000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "526A0088-BDA7-4373-8966-AEED69C1AE8A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_w1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9657C28-AA6B-4C1A-ACAA-E90645CF2A73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF79654-E5C6-4DFF-B33A-A78571CD300C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "801E188F-C71B-4933-9099-151A4A1B1BC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8FC82D-57C5-4F00-BDF4-4261A32C4246",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target."
    }
  ],
  "id": "CVE-2024-56426",
  "lastModified": "2025-11-07T12:59:47.613",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-11-04T21:15:33.667",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56426/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2024-56426 (GCVE-0-2024-56426)

Vulnerability from cvelistv5

Published

2025-11-04 00:00