Vulnerabilities > CVE-2024-27362 - Improper Validation of Specified Quantity in Input vulnerability in Samsung products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

samsung

CWE-1284

NVD

Published: 2024-07-09

Updated: 2024-07-12

Summary

A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Exynos 1280 Firmware - Samsung Exynos 2200 Firmware - Samsung Exynos 1330 Firmware - Samsung Exynos 1380 Firmware - Samsung Exynos 2400 Firmware -	5
Hardware	Samsung Samsung Exynos 1280 - Samsung Exynos 2200 - Samsung Exynos 1330 - Samsung Exynos 1380 - Samsung Exynos 2400 -	5

Common Weakness Enumeration (CWE)

CWE-1284 - Improper Validation of Specified Quantity in Input

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References