high
7.5
Advisory Published
Updated

CVE-2024-29152

First published: Tue Jun 04 2024(Updated: )

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
All of
Samsung Exynos 980 Firmware
Samsung Exynos 980
All of
Samsung Exynos 990 firmware
Samsung Exynos 990
All of
Samsung Exynos 850 firmware
Samsung Exynos 850
All of
Samsung Exynos 1080 Firmware
Samsung Exynos 1080
All of
Samsung Exynos 2100 firmware
Samsung Exynos 2100 firmware
All of
Samsung Exynos 2200 firmware
Samsung Exynos 2200
All of
Samsung Exynos 1280 firmware
Samsung Exynos 1280
All of
Samsung Exynos 1380 firmware
Samsung Mobile Processor Exynos 1380
All of
Samsung Exynos 1330 firmware
Samsung Exynos 1330 firmware
All of
Samsung Exynos 2400 firmware
Samsung Mobile Processor Exynos 2400
All of
Samsung Exynos 9110 firmware
Samsung Exynos 9110 firmware
All of
Samsung Exynos W920 firmware
Samsung Exynos W920 firmware
All of
Samsung Exynos W930 firmware
Samsung Exynos W930 firmware
All of
Samsung Exynos 5123 firmware
Samsung Exynos Modem 5123 firmware
All of
Samsung Exynos Modem 5300 firmware
Samsung Exynos Modem 5300 firmware
All of
Samsung Exynos Auto T5123 Firmware
Samsung Exynos Auto T5123 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-29152?

    CVE-2024-29152 has a high severity rating due to its potential impact on baseband security.

  • How do I fix CVE-2024-29152?

    To fix CVE-2024-29152, update to the latest firmware provided by Samsung for the affected Exynos processors.

  • What devices are affected by CVE-2024-29152?

    CVE-2024-29152 affects multiple Samsung Exynos processors, including Exynos 980, 990, 1080, 2100, and others.

  • What are the potential consequences of exploiting CVE-2024-29152?

    Exploiting CVE-2024-29152 could allow attackers to compromise the integrity and confidentiality of affected devices.

  • Is there a workaround for CVE-2024-29152?

    Currently, the recommended action for CVE-2024-29152 is to apply the necessary firmware updates to mitigate the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203