CVE-2024-50600
Published: 06 March 2025
Summary
CVE-2024-50600 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Samsung Exynos 980 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 40.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the lack of boundary check by requiring validation of malformed Wi-Fi driver inputs to prevent out-of-bounds access.
Mandates timely remediation through Samsung-provided patches for the specific flaw in Exynos Wi-Fi drivers' STOP_KEEP_ALIVE_OFFLOAD function.
Implements memory protections like address space layout randomization or stack canaries to restrict the impact of out-of-bounds access in the Wi-Fi driver.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability description explicitly details remote exploitation of a Wi-Fi driver flaw (out-of-bounds access) causing crashes and denial of service on the endpoint, directly mapping to Application or System Exploitation for Endpoint Denial of Service.
NVD Description
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed…
more
message to the target through the Wi-Fi driver.
Deeper analysisAI
CVE-2024-50600 is a vulnerability in Samsung Mobile Processor and Wearable Processor models Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. It stems from a lack of boundary check in the STOP_KEEP_ALIVE_OFFLOAD functionality within the Wi-Fi driver, resulting in out-of-bounds access (CWE-125). The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its potential for significant impact.
A remote attacker without privileges or user interaction can exploit this vulnerability by sending a malformed message to the target device through the Wi-Fi driver. Successful exploitation leads to out-of-bounds access, which disrupts availability by causing crashes or denial of service, though it does not compromise confidentiality or integrity.
Samsung provides product security updates and mitigation guidance on their semiconductor support page at https://semiconductor.samsung.com/support/quality-support/product-security-updates/. Security practitioners should check this resource for patches applicable to affected Exynos processors in Samsung mobile and wearable devices.
Details
- CWE(s)