CVE-2024-25074
📋 TL;DR
A pointer dereference vulnerability in Samsung Exynos baseband software allows attackers to cause denial of service by exploiting improper pointer validation in the Session Management module. This affects numerous Samsung mobile processors and modems used in smartphones and other mobile devices. Users of affected Samsung devices are potentially vulnerable.
💻 Affected Systems
- Samsung Semiconductor Mobile Processor Exynos 9820
- Exynos 9825
- Exynos 980
- Exynos 990
- Exynos 850
- Exynos 1080
- Exynos 2100
- Exynos 2200
- Exynos 1280
- Exynos 1380
- Exynos 1330
- Exynos 9110
- Exynos W920
- Exynos W930
- Exynos Modem 5123
- Exynos Modem 5300
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete device crash or baseband processor failure requiring physical restart, potentially disrupting cellular connectivity and emergency services access.
Likely Case
Temporary loss of cellular connectivity (calls, SMS, data) until device reboots, with possible service disruption for affected users.
If Mitigated
Minimal impact if patched, with normal device operation maintained.
🎯 Exploit Status
Exploitation requires baseband-level access and knowledge of SM module internals. No public exploits known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Vendor-specific firmware updates
Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-25074/
Restart Required: Yes
Instructions:
1. Check for device manufacturer firmware updates. 2. Apply latest security patch from device vendor. 3. Reboot device after update.
🔧 Temporary Workarounds
Disable vulnerable cellular bands
androidTemporarily disable cellular connectivity to prevent exploitation via baseband.
adb shell settings put global airplane_mode_on 1
adb shell am broadcast -a android.intent.action.AIRPLANE_MODE
🧯 If You Can't Patch
- Isolate affected devices from untrusted networks
- Monitor for baseband crash logs and cellular service disruptions
🔍 How to Verify
Check if Vulnerable:
Check device model and processor in Settings > About phone. Compare with affected Exynos models list.Check Version:
adb shell getprop ro.boot.bootloaderVerify Fix Applied:
Verify security patch level in Settings > About phone > Software information is after vendor patch date.📡 Detection & Monitoring
Log Indicators:
- Baseband crash logs
- Unexpected cellular service disconnections
- Modem restart events in system logs
Network Indicators:
- Sudden loss of cellular connectivity without user action
- Abnormal baseband signaling patterns
SIEM Query:
source="android_system" AND ("modem crash" OR "baseband failure" OR "ril restart")