Vulnerabilities > Samsung > Mtower > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-40757 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
network
low complexity
samsung CWE-119
7.5
2022-09-16 CVE-2022-40758 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.
network
low complexity
samsung CWE-119
7.5
2022-09-16 CVE-2022-40759 NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation.
network
low complexity
samsung CWE-476
7.5
2022-09-16 CVE-2022-40760 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.
network
low complexity
samsung CWE-119
7.5
2022-09-16 CVE-2022-40761 Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.
network
low complexity
samsung CWE-1284
7.5
2022-09-16 CVE-2022-40762 Allocation of Resources Without Limits or Throttling vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.
network
low complexity
samsung CWE-770
7.5
2022-09-05 CVE-2022-39828 Unspecified vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
network
low complexity
samsung
7.5
2022-09-05 CVE-2022-39829 NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
network
low complexity
samsung CWE-476
7.5
2022-09-05 CVE-2022-39830 Unspecified vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
network
low complexity
samsung
7.5
2022-09-01 CVE-2022-36621 NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
network
low complexity
samsung CWE-476
7.5