Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2025-23103
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-06-03
CVE-2025-23099
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-06-02
CVE-2025-23105
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-06-02
CVE-2025-23104
An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-02
CVE-2024-49197
An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-27
CVE-2024-49196
An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-05-27
CVE-2025-22377
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol implementation because of a mismatch between the actual length of the payload and the length declared within the payload.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-27
CVE-2025-32407
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-05-16
CVE-2024-56427
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the target.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-14
CVE-2025-26783
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-05-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved