Why You Shouldn't Use Microsoft Windows11.


LMDE5 - Linux Mint Debian Edition.

LMDE5 -...

Why Should I Not Use Windows10?

Here are a...

18 Zero-day Vulnerabilities Found In Samsung Exynos chipsets

18 Zero-day Vulnerabilities Found In Samsung Exynos chipsets

18 Zero-day Vulnerabilities Found In Samsung Exynos chipsets.

Samsung’s Exynos chipsets are used in their mobile devices, wearables and even cars.

The zero days were discovered by Googles Zero-day bug hunting team.

When it come to Exynos modems, there were security flaws reported between late 2022 and early 2023.

Four Internet-to-baseband remote code execution (RCE) bugs (including CVE-2023-24033 ) and three others, still waiting for an CVE-ID allows attackers to compromise vulnerable devices remotely and without any user interaction.

The only information required for attacks to be pulled off is the victim's phone number, according to Tim Willis, the Head of Project Zero.

Now I do not want to make you worry more than you need to, but with minimal additional research, an experienced attacker can easily create an exploit capable of remotely compromising these vulnerable devices without even triggering your attention.

For a very good reason, the security researchers are witholding information as it would be easy for anyone, with some basic coding experience to create a PoC exploit.

A rare exception to the rules:

"Due to a very rare combination of level of access these vulnerabilities provide and the speed with which we believe a reliable operational exploit could be crafted, we have decided to make a policy exception to delay disclosure for the four vulnerabilities that allow for Internet-to-baseband remote code execution," Willis says.

However this won't deterr anyone already aware of one or more of these flaws.

Besides these flaws, that they are trying to hide away, there are still 14 remaining. (including CVE-2023-24072, CVE-2023-24073, CVE-2023-24074, CVE-2023-24075, CVE-2023-24076).

Others that has not been assigned an CVE-ID are not critical, but still poses a risk to the user.

A list provided by SAMSUNG of affected devices:

You should assume more devices using Samsung’s Exynos chipsets are affected !!!!

  • Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series.
  • Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series.
  • The Pixel 6 and Pixel 7 series of devices from Google.
  • Wearables that use the Exynos W920 chipset and any vehicles that use the Exynos Auto T5123 chipset.

Check if you smartphone has Samsung’s Exynos chipsets here at GSM ARENA.


Each manufacturer's patch timeline for their devices will differ and it is unlikely that the oldest models using this chipset will reveive any security update.

It all depends on your country and provider.

Samsung Semiconductor's advisories provides the list of Exynos chipsets that are affected by these vulnerabilities.

A temporary fix:

You can still thwart baseband RCE exploitation attempts targeting Samsung's Exynos chipsets in your device by disabling Wi-Fi calling and Voice-over-LTE (VoLTE) to remove the attack vector.

Read more at Project Zero.



Help us by donating a small amount

If you find this site helpful, please consider donating a small amount.
Please use our contact us form and we will give you the relevant information to make a donation.
We accept BitCoin and ZCash at the moment.

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.


All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.


Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.


Limited Time Offers

None at the moment.