CVE-2025-49494

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/	Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-49494/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:samsung:modem_5123_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:modem_5123:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

History

07 Nov 2025, 12:57

Type	Values Removed	Values Added
CPE		cpe:2.3:o:samsung:exynos_9110_firmware:-:::::::* cpe:2.3:o:samsung:modem_5123_firmware:-:::::::* cpe:2.3:h:samsung:exynos_2100:-:::::::* cpe:2.3:h:samsung:exynos_1280:-:::::::* cpe:2.3:h:samsung:exynos_2200:-:::::::* cpe:2.3:o:samsung:exynos_1280_firmware:-:::::::* cpe:2.3:o:samsung:exynos_1480_firmware:-:::::::* cpe:2.3:h:samsung:exynos_9110:-:::::::* cpe:2.3:h:samsung:exynos_1330:-:::::::* cpe:2.3:o:samsung:exynos_2200_firmware:-:::::::* cpe:2.3:h:samsung:exynos_1380:-:::::::* cpe:2.3:o:samsung:exynos_2100_firmware:-:::::::* cpe:2.3:h:samsung:modem_5123:-:::::::* cpe:2.3:o:samsung:exynos_1330_firmware:-:::::::* cpe:2.3:o:samsung:exynos_1380_firmware:-:::::::* cpe:2.3:h:samsung:exynos_1480:-:::::::*
References	~~() https://semiconductor.samsung.com/support/quality-support/product-security-updates/ -~~	() https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
References	~~() https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-49494/ -~~	() https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-49494/ - Vendor Advisory
First Time		Samsung modem 5123 Firmware Samsung exynos 1280 Firmware Samsung exynos 2100 Samsung exynos 1380 Samsung exynos 2200 Samsung exynos 2200 Firmware Samsung exynos 9110 Firmware Samsung exynos 1480 Firmware Samsung exynos 1280 Samsung modem 5123 Samsung exynos 1330 Firmware Samsung exynos 1330 Samsung exynos 1380 Firmware Samsung exynos 9110 Samsung Samsung exynos 1480 Samsung exynos 2100 Firmware

06 Nov 2025, 19:45

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-04 20:17

Updated : 2025-11-07 12:57

NVD link : CVE-2025-49494

Mitre link : CVE-2025-49494

CVE.ORG link : CVE-2025-49494

JSON object : View

Products Affected

samsung

exynos_1480_firmware
modem_5123_firmware
exynos_9110
exynos_2200
exynos_1330
exynos_1280
exynos_1280_firmware
exynos_1380
exynos_2200_firmware
exynos_1330_firmware
exynos_2100_firmware
exynos_1480
modem_5123
exynos_9110_firmware
exynos_1380_firmware
exynos_2100

CWE

CWE-400

Uncontrolled Resource Consumption

7.5 /10