CVE-2023-26072

Risk Scores

Affected Products

Exploit Intelligence

• CIRCL published-proof-of-concept: CVE-2023-26072 (circl-sighting)
• CIRCL seen: CVE-2023-26072 (circl-sighting)
• CIRCL seen: CVE-2023-26072 (circl-sighting)
• https://semiconductor.samsung.com/processor/modem/ (circl)
• https://semiconductor.samsung.com/processor/mobile-processor/ (circl)
• https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (circl)
• https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html (circl)
• https://bugs.chromium.org/p/project-zero/issues/detail?id=2395 (circl)
• http://packetstormsecurity.com/files/171378/Shannon-Baseband-NrmmMsgCodec-Emergency-Number-List-Heap-Buffer-Overflow.html (circl)
• https://project-zero.issues.chromium.org/issues/42451534 (cve.org)

Timeline

• Mar 13, 2023 CVE Published
• Mar 13, 2023 EPSS Score
• Mar 13, 2023 PoC Published
• Mar 16, 2023 PoC Published
• Apr 21, 2023 EPSS Score
• May 30, 2023 EPSS Score
• Aug 15, 2023 EPSS Score
• Sep 23, 2023 EPSS Score
• Nov 1, 2023 EPSS Score
• Dec 9, 2023 EPSS Score
• Jan 17, 2024 EPSS Score
• Apr 4, 2024 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0702.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0702 advisory
• https://semiconductor.samsung.com/support/quality-support/product-security-updates/ advisory
• https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0895.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0895 advisory
• https://source.android.com/docs/security/bulletin/pixel/2023-04-01?hl=de advisory