Improper Handling of Values in Samsung products - CVE-2025-26783
Published: May 7, 2025
Vulnerability identifier: #VU108760
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2025-26783
CWE-ID: CWE-229
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Samsung
Affected software:
Exynos 2100
Exynos 1280
Exynos 2200
Exynos 1330
Exynos 1380
Exynos 1480
Exynos 2400
Exynos W1000
Exynos Modem 5300
Exynos Modem 5400
Exynos 2100
Exynos 1280
Exynos 2200
Exynos 1330
Exynos 1380
Exynos 1480
Exynos 2400
Exynos W1000
Exynos Modem 5300
Exynos Modem 5400
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of undefined values. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
How to mitigate CVE-2025-26783
Install updates from vendor's website.