In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033 and three other vulnerabilities that have yet to be assigned CVE-IDs) allowed for Internet-to-baseband remote code execution.
Table of contents
Affected devicesPatch timelinesFour vulnerabilities being withheld from disclosureRelated vulnerabilities not being withheldSort: