Every CVE whose affected-product data names Samsung Mtower, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2022-35858 — CVSS 7.8 (high): The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory…
CVE-2022-36621 — CVSS 7.5 (high): Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObj…
CVE-2022-36622 — CVSS 7.5 (high): Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
CVE-2022-38155 — CVSS 7.5 (high): TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as…
CVE-2022-39828 — CVSS 7.5 (high): sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of…
CVE-2022-39829 — CVSS 7.5 (high): There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of…
CVE-2022-39830 — CVSS 7.5 (high): sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading…
CVE-2022-40757 — CVSS 7.5 (high): A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a…
CVE-2022-40758 — CVSS 7.5 (high): A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted…
CVE-2022-40759 — CVSS 7.5 (high): A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to…
CVE-2022-40760 — CVSS 7.5 (high): A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted…
CVE-2022-40761 — CVSS 7.5 (high): The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the…
CVE-2022-40762 — CVSS 7.5 (high): A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted…