CVE-2024-56426

HIGH

Samsung Mobile/Wearable Processor - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-56426. PoCs published by Creeeeger.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2024-56426, targeting Samsung Exynos9820 bootloader vulnerabilities. It includes payload builders, encryption/decryption tools, and exploit scripts designed to chain bootloader exploits via UFS or USB paths.

Description

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.

Exploits (1)

nomisec WORKING POC

by Creeeeger · poc

https://github.com/Creeeeger/CVE-2024-56426

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2024-56426, targeting Samsung Exynos9820 bootloader vulnerabilities. It includes payload builders, encryption/decryption tools, and exploit scripts designed to chain bootloader exploits via UFS or USB paths.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Samsung Exynos9820 bootloader (EPBL, BL2, etc.)

No auth needed

Prerequisites: Physical access or USB debugging access to target device · Exynos9820-based Samsung device with vulnerable bootloader · Custom payloads built via provided toolchain

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 09, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Vendor Advisory

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56426/

Scores

CVSS v3 7.5

EPSS 0.0029

EPSS Percentile 20.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (14)

samsung/exynos_1080_firmware

samsung/exynos_1280_firmware

samsung/exynos_1330_firmware

samsung/exynos_1380_firmware

samsung/exynos_1480_firmware

samsung/exynos_2100_firmware

samsung/exynos_2200_firmware

samsung/exynos_2400_firmware

samsung/exynos_850_firmware

samsung/exynos_980_firmware

... and 4 more

Published Nov 04, 2025

Tracked Since Feb 18, 2026