CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-44068

Medium Severity
SVRS
36/100
CVSSv3
NA/10
EPSS
0.0004/1

CVE-2024-44068 is a Use-After-Free vulnerability in Samsung Exynos processors, potentially leading to privilege escalation. This flaw impacts devices using Exynos 9820, 9825, 980, 990, 850, and W920 processors. The vulnerability resides within the m2m scaler driver. Despite a low CVSS score of 0, the SOCRadar Vulnerability Risk Score (SVRS) of 36, combined with the "In The Wild" tag, indicates a potential elevated risk. While not deemed critical (SVRS above 80), the privilege escalation capabilities make it a serious concern. The fact it is tagged as "In The Wild" suggests active exploitation is possible. Immediate patching and monitoring are recommended to mitigate potential threats arising from this security flaw.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-10-07
LAST MODIFIED2024-10-10
Eye Icon
SOCRadar
AI Insight

Description:

CVE-2024-44068 is a Use-After-Free vulnerability in the m2m scaler driver of Samsung Mobile Processor and Wearable Processor Exynos models. This vulnerability allows an attacker to escalate privileges on affected devices. The CVSS score of 8.1 indicates a high severity, while the SOCRadar Vulnerability Risk Score (SVRS) of 34 suggests a moderate risk.

Key Insights:

  • Privilege Escalation: This vulnerability can be exploited to gain elevated privileges on affected devices, potentially allowing attackers to access sensitive data or execute malicious code.
  • In The Wild: The vulnerability is actively exploited by hackers, making it a critical threat to Samsung device users.
  • Affected Devices: The vulnerability affects a wide range of Samsung Mobile Processor and Wearable Processor Exynos models, including Exynos 9820, 9825, 980, 990, 850, and W920.

Mitigation Strategies:

  • Apply Software Updates: Samsung has released security updates to address this vulnerability. Users should install these updates as soon as possible.
  • Disable Affected Features: If software updates are not available, users can disable the affected features (e.g., m2m scaler) to mitigate the risk of exploitation.
  • Use Strong Passwords: Users should use strong and unique passwords to protect their devices from unauthorized access.
  • Enable Two-Factor Authentication: Two-factor authentication adds an extra layer of security to user accounts, making it more difficult for attackers to gain access.

Additional Information:

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
  • Exploit Status: Active exploits have been published for this vulnerability.
  • CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Researchers disclosed details of a now-patched Samsung zero-click flaw
Pierluigi Paganini2025-01-10
Researchers disclosed details of a now-patched Samsung zero-click flaw | Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices. Google Project Zero researchers disclosed details about a now-patched zero-click vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), in Samsung devices. The flaw is an out-of-bound write issue in libsaped.so prior to SMR Dec-2024 Release 1, it allows remote attackers to execute arbitrary code. [&#8230;] <h2 class="wp
securityaffairs.co
rss
forum
news
Google Warns of Samsung Zero-Day exploited in the wild
Priyanka R2024-12-03
Google Warns of Samsung Zero-Day exploited in the wild | Google’s Threat Analysis Group researchers warn of a Samsung zero-day vulnerability that is actively exploited in the wild. The vulnerability tracked as CVE-2024-44068 (CVSS score of 8.1) is a use-after-free issue, which could be exploited to escalate privileges on a vulnerable Android device. A vulnerability resides in Samsung mobile processors and according to the experts, it has been chained with other vulnerabilities to achieve arbitrary code execution on vulnerable devices. Samsung addressed the vulnerability with the release of security updates in
cybersafe.news
rss
forum
news
Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild - CybersecurityNews
2024-10-23
Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild - CybersecurityNews | News Content: Samsung has devices affected by a critical security vulnerability (CVE-2024-44068) that affects multiple Exynos mobile processors actively exploited in the wild. The high-severity flaw impacts several processor models, including the Exynos 9820, 9825, 980, 990, 850, and W920 series. The vulnerability stems from a Use-After-Free condition in the m2m scaler driver, which handles hardware acceleration for media functions like JPEG decoding and image scaling. The flaw allows attackers to execute arbitrary code with elevated privileges by exploiting how the driver manages
google.com
rss
forum
news
Vulnerability Recap 10/28/24 – Phishing, DoS, RCE &amp; a Zero-Day
Jenna Phipps2024-10-29
Vulnerability Recap 10/28/24 – Phishing, DoS, RCE &amp; a Zero-Day | This week’s security vulnerabilities include a couple of Cisco flaws and a Fortinet issue that took a while to be announced. The post Vulnerability Recap 10/28/24 – Phishing, DoS, RCE &amp; a Zero-Day appeared first on eSecurity Planet.Like last week, this week’s theme continues to be vulnerabilities, discovered months ago, that are still rearing their
esecurityplanet.com
rss
forum
news
Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION
Pierluigi Paganini2024-10-27
Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn €310M for [&#8230;] A new round of the weekly SecurityAffairs newsletter arrived
securityaffairs.co
rss
forum
news
Some Samsung Exynos phone chips have a worrying security flaw
2024-10-25
Some Samsung Exynos phone chips have a worrying security flaw | Google warns nation-states could be exploiting vulnerabilities in Samsung smartphones. Some Samsung smartphones were reportedly carrying a high severity vulnerability in their processors, allowing threat actors to escalate privileges and possibly drop malware on the devices.Cybersecurity researchers from Google’s Threat Analysis Group (TAG) found the flaw and reported it to Samsung, which addressed the vulnerability on October 7, with a patch and a follow-up security advisory.In the
pro
techradar.com
rss
forum
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) - The Hacker News
2024-10-23
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) - The Hacker News | News Content: A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result in remote code execution. "An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint
cve-2024-44068
cve-2024-38094
cves
microsoft sharepoint

Social Media

Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild Samsung has devices affected by a critical security vulnerability (CVE-2024-44068) that affects multiple Exynos mobile processors actively exploited in the wild. The high-severity flaw... https://t.co/V5PM1LPbYk
0
0
0
Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulnerability, tracked as CVE-2024-44068 (CVSS score of 8.1), which is exploited in the wild. #CyberThreat #ZeroDay #CyberAlert https://t.co/u9GJW6JztX
0
0
0
Google's Threat Analysis Group (TAG) has alerted the public to a zero-day vulnerability in Samsung mobile processors, tracked as CVE-2024-44068. https://t.co/u29oRXdj8k
0
0
0
1/6 🚨 @Samsung phone users, update now! 🚨 @Google discovered a zero-day vulnerability (CVE-2024-44068) being exploited in the wild. 😱 #cybersecurity #infosec #Samsung #Android #zeroday #vulnerability #CVE202444068
0
0
0
Samsung disclosed and patched a high severity use-after-free vulnerability (CVE-2024-44068) affecting "Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920."
2
0
1
Samsung Zero-Day Vuln Under Active Exploit, Google Warns: https://t.co/okNccGrfZM A zero-day vulnerability, CVE-2024-44068, affecting Samsung's mobile processors has been exploited for arbitrary code execution. It has a critical CVSS score of 8.1 and was patched in Samsung's
0
0
0
New: Critical Vulnerability (CVE-2024-44068) in Samsung mobile rocessors discovered by @_clem1 &amp; @1ce0ear highlights growing mobile security threat https://t.co/mHl8hhkId0
0
0
1
‼️ Zero-Day Alert ‼️ A critical vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung's mobile processors, leading to the potential for arbitrary code execution and privilege escalation on affected devices. This use-after-free bug, which affects several https://t.co/l2BTP0DTTU
0
0
0
Researcher Details 0-Day Flaw CVE-2024-44068 in Samsung Exynos Processors https://t.co/JK3RMQw4rh
0
2
7
Samsung’s scarce advisory on CVE-2024-44068 makes no mention of itw exploitation, but Google researcher Xingyu Jin, who was credited for reporting the flaw in July, and Google TAG researcher Clement Lecigene, warn that an exploit exists in the wild. https://t.co/xN7rheUC5A
1
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://semiconductor.samsung.com/support/quality-support/product-security-updates/
[email protected]https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-44068/

CWE Details

CWE IDCWE NameDescription
CWE-416Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence