CVE-2024-27360 Overview
CVE-2024-27360 is a denial of service (DoS) vulnerability affecting multiple Samsung Exynos mobile processors. The flaw stems from improper validation of data length [CWE-1284], which allows a remote attacker to disrupt baseband processing without authentication or user interaction. The vulnerability impacts firmware shipped with the Exynos 850, 1080, 2100, 2200, 1280, 1380, 1330, and W930 chipsets used across a wide range of Samsung mobile and wearable devices. Samsung has published a security advisory detailing affected products and remediation guidance.
Critical Impact
Remote attackers can trigger a denial of service condition on affected Samsung Exynos processors without authentication or user interaction, disrupting mobile device availability.
Affected Products
- Samsung Exynos 850, 1080, 2100, 2200 firmware
- Samsung Exynos 1280, 1380, 1330 firmware
- Samsung Exynos W930 wearable processor firmware
Discovery Timeline
- 2024-07-09 - CVE-2024-27360 published to NVD
- 2026-06-17 - Last updated in NVD database
Technical Details for CVE-2024-27360
Vulnerability Analysis
The vulnerability resides in firmware components of Samsung Exynos mobile processors that handle incoming data structures. The affected code does not properly validate the length of input data before processing it. An attacker who reaches the vulnerable code path over the network can supply malformed input that triggers a denial of service condition. The flaw is classified under [CWE-1284] (Improper Validation of Specified Quantity in Input), reflecting missing or insufficient size checks on attacker-controlled fields.
Root Cause
The root cause is the absence of correct length validation on data consumed by baseband-adjacent firmware on affected Exynos chipsets. When a length field is not cross-checked against the actual payload size or against safe processing bounds, downstream parsing routines may operate on inconsistent buffers. This leads to a fault that disrupts the processor's normal operation and causes service interruption.
Attack Vector
The attack vector is network-based and requires no privileges or user interaction. A remote attacker can deliver a crafted message containing improperly sized data fields to a vulnerable Exynos-powered device. Successful exploitation impacts only availability, with no confidentiality or integrity exposure indicated. The Exploit Prediction Scoring System (EPSS) probability is 0.379%, and no public proof-of-concept or in-the-wild exploitation has been reported.
No verified exploit code is publicly available. See the Samsung CVE-2024-27360 Details advisory for vendor-supplied technical context.
Detection Methods for CVE-2024-27360
Indicators of Compromise
- Unexpected modem or baseband resets, repeated radio interface crashes, or loss of cellular connectivity on Exynos-based devices.
- Device logs showing abnormal terminations in baseband or radio firmware processes around the time of network anomalies.
- Spikes in malformed signaling traffic directed at mobile devices on managed networks.
Detection Strategies
- Monitor mobile device management (MDM) telemetry for repeated crash, reboot, or connectivity-loss events on Samsung devices using affected Exynos chipsets.
- Correlate device-side stability events with network-side anomalies, such as malformed protocol messages observed by carrier-grade or enterprise mobile monitoring tools.
- Track firmware and security patch level (SPL) across the device fleet to identify endpoints still running pre-patch Exynos firmware.
Monitoring Recommendations
- Maintain an inventory of devices using affected Exynos processors and alert when firmware versions fall behind Samsung's published security updates.
- Forward MDM and endpoint mobile threat telemetry into a centralized analytics platform to detect repeated DoS-like patterns across the fleet.
- Subscribe to Samsung Product Security Updates and ingest new advisories into vulnerability management workflows.
How to Mitigate CVE-2024-27360
Immediate Actions Required
- Identify all devices in the environment that use affected Samsung Exynos chipsets and verify their current firmware patch level.
- Apply the latest Samsung security update that addresses CVE-2024-27360 as soon as it is available for each affected device model.
- Enforce a minimum security patch level policy through MDM to block or quarantine devices that remain unpatched.
Patch Information
Samsung has acknowledged the vulnerability and published remediation guidance on its semiconductor security portal. Refer to the Samsung CVE-2024-27360 Details page for the list of affected chipsets and the corresponding patched firmware versions. Device-level fixes are distributed by Samsung and downstream OEMs through standard mobile firmware updates.
Workarounds
- Restrict exposure of affected devices to untrusted cellular or wireless networks where feasible until firmware updates are applied.
- Use MDM policies to require current security patch levels for access to corporate resources.
- Disable or limit non-essential radio interfaces on high-value devices until patched firmware is confirmed deployed.
# Example: query Android device security patch level via adb
adb shell getprop ro.build.version.security_patch
adb shell getprop ro.boot.hardware
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

