CVE-2023-50806

8.4 HIGH

📋 TL;DR

This vulnerability allows out-of-bounds heap buffer access in the SIM Proactive Command handler of affected Samsung processors and modems. Attackers could potentially execute arbitrary code, read sensitive memory, or cause denial of service. It affects Samsung mobile devices, wearables, and modems using the listed Exynos processors.

💻 Affected Systems

Products:
  • Samsung Mobile Processor
  • Samsung Wearable Processor
  • Samsung Modems
Versions: Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300
Operating Systems: Android-based Samsung devices, Wear OS-based Samsung wearables
Default Config Vulnerable: ⚠️ Yes
Notes: Affects baseband/firmware layer, independent of Android OS version. Requires physical SIM card access or carrier network interaction.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution allowing full device compromise, data theft, or persistent backdoor installation via malicious SIM card or baseband interaction.

🟠 Likely Case

Denial of service (device crash/reboot) or limited information disclosure from memory corruption via specially crafted SIM commands.

🟢 If Mitigated

Limited impact if devices are patched, use secure SIM cards, and have network-level protections against malicious baseband interactions.

🌐 Internet-Facing: MEDIUM - Requires interaction with cellular network or malicious SIM card, not directly internet-exposed but accessible via carrier networks.
🏢 Internal Only: LOW - Primarily affects mobile/wearable devices, not traditional internal enterprise systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires SIM card manipulation or baseband interaction. No public exploits known, but CVSS 8.4 suggests significant attack potential.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Device-specific firmware updates from Samsung

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50806/

Restart Required: Yes

Instructions:

1. Check for Samsung device firmware updates in Settings > Software update.
2. Apply available updates.
3. For enterprise devices, use Samsung Knox or MDM to deploy patches.
4. Contact carrier for modem-specific updates if applicable.

🔧 Temporary Workarounds

  • Disable vulnerable SIM features (applies to: all): Limit SIM proactive command functionality through carrier settings or device configuration
  • Use eSIM instead of physical SIM (applies to: all): eSIM may bypass some SIM card attack vectors, though baseband vulnerabilities remain

🧯 If You Can't Patch

  • Isolate affected devices from untrusted networks and limit cellular connectivity
  • Implement network monitoring for anomalous baseband/SIM communications

🔍 How to Verify

Check if Vulnerable:

Check device model and processor in Settings > About phone > Model number and Processor. Compare with affected list.

Check Version:

Settings > About phone > Software information > Baseband version and Build number

Verify Fix Applied:

Verify firmware version after update matches latest available from Samsung for your device model.

📡 Detection & Monitoring

Log Indicators:

  • Baseband crash logs
  • SIM card error messages
  • Unexpected device reboots

Network Indicators:

  • Anomalous SIM proactive commands
  • Unusual baseband traffic patterns

SIEM Query:

Device logs containing 'SIM proactive command error' or 'baseband crash' for Samsung devices
