CVE-2024-52924 – Samsung Exynos Processors Out-of-Bounds Write Vulnerability in NRMM

Vulnerability

A vulnerability exists in the NRMM component of various Samsung mobile and wearable processors, as well as certain Exynos modem chipsets. The issue arises from a lack of proper boundary checks when decoding Registration Accept messages, which can result in out-of-bounds write operations on the stack. Affected processors include the Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, and W1000, along with Modem 5123, Modem 5300, and Modem 5400.

Impact

Exploitation of this vulnerability can lead to stack-based buffer overflows, potentially allowing for arbitrary code execution or causing a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

Samsung Exynos 9820

0 remedies

cpe:2.3:h:samsung:exynos_9820:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 9825

0 remedies

cpe:2.3:h:samsung:exynos_9825:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 980

0 remedies

cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 990

0 remedies

cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 850

0 remedies

cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1080

0 remedies

cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2100

0 remedies

cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1280

0 remedies

cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2200

0 remedies

cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1330

0 remedies

cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1380

0 remedies

cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1480

0 remedies

cpe:2.3:h:samsung:exynos_1480:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2400

0 remedies

cpe:2.3:h:samsung:exynos_2400:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 9110

0 remedies

cpe:2.3:h:samsung:exynos_9110:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos W920

0 remedies

cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos W930

0 remedies

cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos Modem 5123

0 remedies

cpe:2.3:h:samsung:exynos_modem_5123:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos Modem 5300

0 remedies

cpe:2.3:h:samsung:exynos_modem_5300:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos Modem 5400

0 remedies

CVSS Scores

volerion

9.3

CVSS 4.0

9.3

Critical

volerion

9.8

CVSS 3.1

9.8

Critical

CISA-ADP

7.5

CVSS 3.1

7.5

High

Click a row to open the calculator.

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Vendor

Showing 1-1 of 1 references

Samsung Exynos Processors Out-of-Bounds Write Vulnerability in NRMM

Vulnerability

Impact

Affected Products

Samsung Exynos 9820

Samsung Exynos 9825

Samsung Exynos 980

Samsung Exynos 990

Samsung Exynos 850

Samsung Exynos 1080

Samsung Exynos 2100

Samsung Exynos 1280

Samsung Exynos 2200

Samsung Exynos 1330

Samsung Exynos 1380

Samsung Exynos 1480

Samsung Exynos 2400

Samsung Exynos 9110

Samsung Exynos W920

Samsung Exynos W930

Samsung Exynos Modem 5123

Samsung Exynos Modem 5300

Samsung Exynos Modem 5400

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating