What is CVE-2023-31115?

CVE-2023-31115 is a high-severity vulnerability in Samsung Exynos_5123, classified under Incorrect Resource Transfer Between Spheres. CVSS score: 7.5/10. Published 2023-06-07.

How severe is CVE-2023-31115?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Samsung Exynos_5123

CVE-2023-31115

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application.

EPSS: 0.005 (37.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Samsung Exynos_5123
Samsung Exynos_5123_firmware
Samsung Exynos_5300
Samsung Exynos_5300_firmware
N/a — versions n/a

Weakness classification (CWE)

CWE-669 — Incorrect Resource Transfer Between Spheres

References

cve@mitre.org (Vendor Advisory)

Frequently asked questions

What is CVE-2023-31115?: CVE-2023-31115 is a high-severity vulnerability in Samsung Exynos_5123, classified under Incorrect Resource Transfer Between Spheres. CVSS score: 7.5/10. Published 2023-06-07.
How severe is CVE-2023-31115?: High severity. CVSS v3 base score is 7.5 out of 10.