CVE-2024-52923

Q: What is the severity of CVE-2024-52923?

CVE-2024-52923 has a CVSS score of 7.5 (HIGH). A boundary check vulnerability in Samsung's NRMM component for multiple Exynos processors allows denial of service attacks. Attackers can exploit this by sending specially crafted DL NAS Transport messages to affected devices. This affects Samsung mobile devices, wearables, and modems using the listed Exynos processors.

7.5 HIGH

Denial of Service

📋 TL;DR

A boundary check vulnerability in Samsung's NRMM component for multiple Exynos processors allows denial of service attacks. Attackers can exploit this by sending specially crafted DL NAS Transport messages to affected devices. This affects Samsung mobile devices, wearables, and modems using the listed Exynos processors.

💻 Affected Systems

Products:

Samsung Mobile Processor
Samsung Wearable Processor
Samsung Modem

Versions: All versions using affected Exynos processors prior to security patches

Operating Systems: Android-based Samsung devices, Wear OS-based Samsung devices

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 processors

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device crash or reboot, rendering the device unusable until manually restarted, potentially disrupting critical communications.

🟠

Likely Case

Temporary service disruption on affected devices, requiring user intervention to restore functionality.

🟢

If Mitigated

Minimal impact with proper network filtering and updated firmware preventing exploitation.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires sending malformed DL NAS Transport messages to the NRMM component

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Latest security updates from Samsung

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Restart Required: No

Instructions:

1. Check for available updates in device settings. 2. Install the latest security patch from Samsung. 3. Verify the patch was successfully applied.

🔧 Temporary Workarounds

Network filtering

all

Implement network-level filtering to block malformed DL NAS Transport messages

🧯 If You Can't Patch

Isolate affected devices from untrusted networks
Monitor for unusual device crashes or reboots

🔍 How to Verify

Check if Vulnerable:

Check device model and processor information in Settings > About phone

Check Version:

Not applicable - check via device settings interface

Verify Fix Applied:

Verify the security patch level in Settings > About phone > Software information

📡 Detection & Monitoring

Log Indicators:

Unexpected device reboots
NRMM component crashes
Kernel panic logs

Network Indicators:

Unusual DL NAS Transport message patterns
Suspicious network traffic to device modems

SIEM Query:

Not provided - requires custom monitoring for device crash events

📊 Metadata

CVE ID: CVE-2024-52923

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-119

EPSS Score: 0.21% exploit probability (42.5th percentile)

Published: March 6, 2025

Last Updated: July 1, 2025

🔗 References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Exynos 1080 Firmware by Samsung

Exynos 1280 Firmware by Samsung

Exynos 1330 Firmware by Samsung

Exynos 1380 Firmware by Samsung

Exynos 1480 Firmware by Samsung

Exynos 2100 Firmware by Samsung

Exynos 2200 Firmware by Samsung

Exynos 2400 Firmware by Samsung

Exynos 850 Firmware by Samsung

Exynos 9110 Firmware by Samsung

Exynos 980 Firmware by Samsung

Exynos 9820 Firmware by Samsung

Exynos 9825 Firmware by Samsung

Exynos 990 Firmware by Samsung

Exynos Modem 5123 Firmware by Samsung

Exynos Modem 5300 Firmware by Samsung

Exynos Modem 5400 Firmware by Samsung

Exynos W1000 Firmware by Samsung

Exynos W920 Firmware by Samsung

Exynos W930 Firmware by Samsung