Login Sign Up

CVE-2023-26497

8.6 HIGH
Remote Code Execution

📋 TL;DR

This vulnerability in Samsung baseband chipsets allows memory corruption when processing Session Description Negotiation for Video Configuration Attribute. Attackers could potentially execute arbitrary code on affected devices. This affects smartphones and automotive systems using the listed Exynos modem chipsets.

💻 Affected Systems

Products:
  • Samsung Exynos Modem 5123
  • Samsung Exynos Modem 5300
  • Samsung Exynos 980
  • Samsung Exynos 1080
  • Samsung Exynos Auto T5125
Versions: All versions prior to security patches
Operating Systems: Android, Automotive OS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using these baseband chipsets regardless of device manufacturer.

📦 What is this software?

Exynos 1080 Firmware by Samsung

View all CVEs affecting Exynos 1080 Firmware →

Exynos 980 Firmware by Samsung

View all CVEs affecting Exynos 980 Firmware →

Exynos Auto T5123 Firmware by Samsung

View all CVEs affecting Exynos Auto T5123 Firmware →

Exynos Modem 5123 Firmware by Samsung

View all CVEs affecting Exynos Modem 5123 Firmware →

Exynos Modem 5300 Firmware by Samsung

View all CVEs affecting Exynos Modem 5300 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution allowing complete device compromise, including interception of communications, data theft, and persistent backdoor installation.

🟠

Likely Case

Device crash/reboot leading to denial of service, or limited code execution within baseband processor context.

🟢

If Mitigated

No impact if patched or if exploit attempts are blocked by network security controls.

🌐 Internet-Facing: HIGH - Baseband processors handle cellular communications directly exposed to carrier networks.
🏢 Internal Only: LOW - Primarily affects devices connecting to cellular networks, not internal enterprise systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Exploitation requires specialized knowledge of baseband processors and cellular protocols.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Device-specific firmware updates from manufacturers

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Restart Required: Yes

Instructions:

1. Check for device manufacturer security updates. 2. Apply latest firmware/OS updates. 3. For automotive systems, contact vehicle manufacturer for update procedures.

🔧 Temporary Workarounds

Disable vulnerable video features

all

Disable video calling or video configuration features if not required

Network filtering

all

Implement network-level filtering for suspicious Session Description Protocol traffic

🧯 If You Can't Patch

  • Isolate affected devices from critical networks
  • Implement strict network monitoring for anomalous baseband communications

🔍 How to Verify

Check if Vulnerable:

Check device specifications for affected Exynos modem chipsets and verify firmware version against manufacturer security bulletins.

Check Version:

Android: Settings > About Phone > Baseband version; Automotive: Consult manufacturer documentation

Verify Fix Applied:

Confirm device has received security updates after March 2023 and verify baseband firmware version.

📡 Detection & Monitoring

Log Indicators:

  • Baseband processor crashes
  • Unexpected modem resets
  • Video call session failures

Network Indicators:

  • Malformed Session Description Protocol packets
  • Anomalous video configuration negotiation attempts

SIEM Query:

Search for baseband/modem error events or unexpected session negotiation failures

📊 Metadata

CVE ID: CVE-2023-26497
CVSS v3 Score: 8.6 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CWE: CWE-787
Published: March 21, 2023
Last Updated: February 26, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-26497, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)