CVE-2022-23432
6.4
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices with Exynos chipsets | P(9.0), Q(10.0), R(11.0), S(12.0) devices with selected Exynos chipsets < SMR Feb-2022 Release 1 | affected |
Weaknesses
- CWE-20: CWE-20: Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.