Cyber Resilience

CVE-2024-52923

High

Published: 06 March 2025

Modified: 01 July 2025
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0019 (40.3 percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-52923 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Samsung Exynos 9820 Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 40.3 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-52923 is a vulnerability in the NRMM component of various Samsung Exynos processors and modems, including Mobile Processor and Wearable Processor models Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, as well as Modem 5123, Modem 5300, and Modem 5400. The issue stems from a lack of boundary check during the decoding of DL NAS Transport messages, which can lead to a denial of service. It has a CVSS v3.1 base score of 7.5, associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer).

The vulnerability is exploitable over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N), and results in high-impact availability disruption (A:H) without affecting confidentiality or integrity. Remote attackers can trigger the denial of service by sending specially crafted DL NAS Transport messages to affected devices, potentially disrupting modem or processor functionality in Samsung devices relying on these Exynos components.

Samsung has published product security updates addressing this issue at https://semiconductor.samsung.com/support/quality-support/product-security-updates/. Security practitioners should consult this advisory for patch availability and apply updates to vulnerable Exynos-based devices.

Vulnerability details

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1499.004 · Application or System Exploitation · Tactic: Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The vulnerability allows remote network exploitation via crafted DL NAS Transport messages to trigger DoS on the modem/processor due to missing boundary checks, directly enabling Application or System Exploitation under Endpoint Denial of Service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2024-52924 · Same product: Samsung Exynos 1080
CVE-2025-59440 · Same product: Samsung Exynos 1080
CVE-2025-57835 · Same product: Samsung Exynos 1080
CVE-2025-58349 · Same product: Samsung Exynos 1080
CVE-2025-57834 · Same product: Samsung Exynos 1080
CVE-2025-54324 · Same product: Samsung Exynos 1080
CVE-2024-50600 · Same product: Samsung Exynos 1080
CVE-2025-59439 · Same product: Samsung Exynos 1080
CVE-2025-43706 · Same product: Samsung Exynos 1080
CVE-2025-54328 · Same product: Samsung Exynos 1080

Affected Assets

Vendor · Product · Versions
samsung · exynos 9820 firmware · all versions
samsung · exynos 9825 firmware · all versions
samsung · exynos 980 firmware · all versions
samsung · exynos 990 firmware · all versions
samsung · exynos 850 firmware · all versions
samsung · exynos 1080 firmware · all versions
samsung · exynos 2100 firmware · all versions
samsung · exynos 1280 firmware · all versions
samsung · exynos 2200 firmware · all versions
samsung · exynos 1330 firmware · all versions
+10 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Enforces input validation and boundary checks on DL NAS Transport messages to prevent buffer overflows during decoding.

Prevent: Implements memory safeguards like address space layout randomization and non-executable stacks to mitigate exploitation of missing boundary checks in Exynos processors.

Prevent: Requires timely patching of the specific boundary check flaw via Samsung's published security updates for affected Exynos components.

References