CVE-2024-27362

MEDIUM

Samsung Mobile Processors - Info Disclosure

Title source: llm

Description

A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure.

References (2)

[Vendor Advisory] https://semiconductor.samsung.com/support/quality-support/product-security-updates/

[Vendor Advisory] https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27362/

Scores

CVSS v3 4.4

EPSS 0.0032

EPSS Percentile 54.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284 CWE-200

Status published

Products (5)

samsung/exynos_1280_firmware

samsung/exynos_1330_firmware

samsung/exynos_1380_firmware

samsung/exynos_2200_firmware

samsung/exynos_2400_firmware

Published Jul 09, 2024

Tracked Since Feb 18, 2026