CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/	Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-49494/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:samsung:modem_5123_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:modem_5123:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-11-04 20:17

Updated : 2025-11-07 12:57

NVD link : CVE-2025-49494

Mitre link : CVE-2025-49494

CVE.ORG link : CVE-2025-49494

JSON object : View

Products Affected

samsung

exynos_2200_firmware
exynos_1330_firmware
exynos_1280
modem_5123
exynos_1480_firmware
exynos_1380_firmware
exynos_1380
exynos_1280_firmware
exynos_9110_firmware
exynos_2200
modem_5123_firmware
exynos_1330
exynos_2100
exynos_2100_firmware
exynos_1480
exynos_9110

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2025-49494", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-11-04T20:17:15.930", "references": [{"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-49494/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service."}], "lastModified": "2025-11-07T12:57:14.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:modem_5123_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "045EF1AD-09AE-4A33-9CB0-E30548BF5324"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:modem_5123:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "65A314B5-05AD-4F3D-8371-DFDF3778A743"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64897B0D-EBF6-4BEB-BF54-ABCDBFAB45E0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3F328B4-0442-4748-B5EE-DD1CEE50D6CF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1896BFF-D709-481B-AD4F-37D1A8B30C06"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6748EF2-3C63-41CD-B3D1-4B3FEC614B40"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63C0D9AC-BD23-48C9-83E7-301DEC06E583"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A72ADEBB-ED72-4A5B-BB27-95EDE43F8116"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}