CVE-2025-58349

Critical · DDoS

Published: 06 April 2026

Modified: 07 April 2026
CVSS Score v3.1: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
EPSS Score: 0.0031 (22.3rd percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2025-58349 is a critical-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Samsung Exynos 990 Firmware. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 22.3rd percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-58349 is a vulnerability affecting the L2 layer in Samsung Mobile Processor, Wearable Processor, and Modem components, specifically Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The flaw arises from incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs), resulting in baseband crashes. It carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) and maps to CWE-400 (Uncontrolled Resource Consumption). The vulnerability was published on 2026-04-06.

A remote network-based attacker can exploit this issue without privileges or user interaction by transmitting specially crafted LTE MAC packets overloaded with CEs. The low attack complexity enables denial-of-service via baseband crashes, with high impacts on confidentiality and availability but no integrity impact, as indicated by the CVSS metrics.

Samsung provides mitigation through product security updates documented on their support site at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and the dedicated CVE page at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58349/.

Vulnerability details

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes.

CWE(s)

CWE-400 (Uncontrolled Resource Consumption)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

CVE enables remote exploitation of LTE baseband via crafted MAC packets leading to crashes and DoS (CWE-400 resource consumption), directly matching application/system exploitation for endpoint denial of service.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-59440 (same product: Samsung Exynos 1080)
CVE-2025-54324 (same product: Samsung Exynos 1080)
CVE-2025-57835 (same product: Samsung Exynos 1080)
CVE-2025-59439 (same product: Samsung Exynos 1080)
CVE-2025-57834 (same product: Samsung Exynos 1080)
CVE-2025-43706 (same product: Samsung Exynos 1080)
CVE-2024-52923 (same product: Samsung Exynos 1080)
CVE-2024-52924 (same product: Samsung Exynos 1080)
CVE-2024-46923 (same product: Samsung Exynos 1480)
CVE-2025-62818 (same product: Samsung Exynos 1080)

Affected Assets

Vendor | Product | Versions
samsung | exynos 990 firmware | all versions
samsung | exynos 980 firmware | all versions
samsung | exynos 850 firmware | all versions
samsung | exynos 1080 firmware | all versions
samsung | exynos 1280 firmware | all versions
samsung | exynos 1330 firmware | all versions
samsung | exynos 1380 firmware | all versions
samsung | exynos 1480 firmware | all versions
samsung | exynos 1580 firmware | all versions
samsung | exynos 2100 firmware | all versions
+10 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent · detect

Directly protects against denial-of-service attacks exploiting resource exhaustion from malformed LTE MAC packets with excessive Control Elements causing baseband crashes.

prevent

Validates LTE MAC packet inputs to prevent crashes from incorrect handling of packets containing many MAC Control Elements.

prevent

Remediates the specific flaw in baseband L2 layer handling through timely application of vendor security updates for affected Exynos processors and modems.
