VDB
CVE-2024-46920
CVE-2024-46920
PUBLISHED
Es bestehen mehrere Schwachstellen in Samsung Exynos. Diese Schwachstellen sind auf eine unsachgemäße Längenprüfung in der Funktion loadOutputBuffers und auf eine unsachgemäße Ressourcenverwaltung im 5G-Standalone-Netzwerk (SA) zurückzuführen. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und nicht näher beschriebene Auswirkungen zu erzielen.
EPSS 0.76% · 73.7th percentile
Risk Scores
EPSS Score
0.76%
73.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Samsung Exynos |
Exploit Intelligence
- CIRCL seen: CVE-2024-46920 (circl-sighting)
- CIRCL seen: CVE-2024-46920 (circl-sighting)
- CIRCL seen: CVE-2024-46920 (circl-sighting)
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/ (circl)
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-46920/ (circl)
Timeline
- Jan 5, 2025 CVE Published
- Jan 13, 2025 PoC Published
- Jan 13, 2025 PoC Published
- Jan 14, 2025 EPSS Score
- Jan 14, 2025 PoC Published
- Jan 30, 2025 EPSS Score
- Feb 14, 2025 EPSS Score
- Mar 2, 2025 EPSS Score
- Mar 17, 2025 EPSS Score
- Apr 2, 2025 EPSS Score
- Apr 5, 2025 Coalition ESS Score
- Apr 17, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0007.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0007 advisory
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/ advisory
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2024-46919/ advisory
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2024-46920/ advisory
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2024-46921/ advisory
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2024-5660/ advisory