CVE-2024-56426 – Samsung Exynos Processors Out-of-Bounds Write Vulnerability via Malformed USB Packets

Vulnerability

A high-severity out-of-bounds write vulnerability has been identified in various Samsung mobile and wearable processors, including Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, and W1000. The vulnerability arises from a lack of proper length validation, allowing for out-of-bounds writes when the processor receives malformed USB packets.

Impact

Exploitation of this vulnerability leads to out-of-bounds writes, which can commonly result in memory corruption or arbitrary code execution.

Added: Nov 4, 2025, 9:17 PM

Updated: Nov 4, 2025, 10:20 PM

Affected Products

Samsung Exynos 980

0 remedies

cpe:2.3:h:samsung:exynos_980:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 990

0 remedies

cpe:2.3:h:samsung:exynos_990:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 850

0 remedies

cpe:2.3:h:samsung:exynos_850:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1080

0 remedies

cpe:2.3:h:samsung:exynos_1080:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2100

0 remedies

cpe:2.3:h:samsung:exynos_2100:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1280

0 remedies

cpe:2.3:h:samsung:exynos_1280:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2200

0 remedies

cpe:2.3:h:samsung:exynos_2200:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1330

0 remedies

cpe:2.3:h:samsung:exynos_1330:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1380

0 remedies

cpe:2.3:h:samsung:exynos_1380:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 1480

0 remedies

cpe:2.3:h:samsung:exynos_1480:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos 2400

0 remedies

cpe:2.3:h:samsung:exynos_2400:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos W920

0 remedies

cpe:2.3:h:samsung:exynos_w920:*:*:*:*:*:*:*, +1 more

0 remedies

Samsung Exynos W930

0 remedies

cpe:2.3:h:samsung:exynos_w930:*:*:*:*:*:*:*, +1 more

0 remedies

CVSS Scores

volerion

7.0

CVSS 4.0

7.0

High

volerion

6.8

CVSS 3.1

6.8

Medium

CISA-ADP

7.5

CVSS 3.1

7.5

High

Click a row to open the calculator.

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

BundleVendor

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-56426/

AdvisoryVendor

Showing 1-2 of 2 references

Samsung Exynos Processors Out-of-Bounds Write Vulnerability via Malformed USB Packets

Vulnerability

Impact

Affected Products

Samsung Exynos 980

Samsung Exynos 990

Samsung Exynos 850

Samsung Exynos 1080

Samsung Exynos 2100

Samsung Exynos 1280

Samsung Exynos 2200

Samsung Exynos 1330

Samsung Exynos 1380

Samsung Exynos 1480

Samsung Exynos 2400

Samsung Exynos W920

Samsung Exynos W930

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating