CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-22377: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480,...

6.5 CVSS

Description

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol implementation because of a mismatch between the actual length of the payload and the length declared within the payload.

Classification

CVE ID: CVE-2025-22377

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 9.24% (scored less or equal to compared to others)

EPSS Date: 2025-06-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-22377
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-22377/

Timeline

2025-05-27 18:40:19 UTC
CVE

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480,...