CVE-2023-31114

CRITICAL

Samsung Exynos Modem - Info Disclosure

Title source: llm

Description

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.

References (1)

[Vendor Advisory] https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Scores

CVSS v3 9.1

EPSS 0.0033

EPSS Percentile 55.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-669

Status published

Products (2)

samsung/exynos_5123_firmware

samsung/exynos_5300_firmware

Published Jun 07, 2023

Tracked Since Feb 18, 2026