CVE-2025-58349
Received Received - Intake
Baseband Crash via LTE MAC Packet Handling in Samsung Exynos

Publication date: 2026-04-06

Last updated on: 2026-04-07

Assigner: MITRE

Description
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-07
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2025-58349
EUVD
EUVD-2025-209247
Affected Vendors & Products
Showing 20 associated CPEs
Vendor Product Version / Range
samsung exynos_990_firmware *
samsung exynos_980_firmware *
samsung exynos_850_firmware *
samsung exynos_1080_firmware *
samsung exynos_1280_firmware *
samsung exynos_1330_firmware *
samsung exynos_1380_firmware *
samsung exynos_1480_firmware *
samsung exynos_1580_firmware *
samsung exynos_2100_firmware *
samsung exynos_2200_firmware *
samsung exynos_2400_firmware *
samsung exynos_2500_firmware *
samsung exynos_w930_firmware *
samsung exynos_w920_firmware *
samsung exynos_w1000_firmware *
samsung exynos_modem_5400_firmware *
samsung exynos_modem_5300_firmware *
samsung exynos_modem_5123_firmware *
samsung exynos_9110_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

No specific patched versions or mitigation details are provided in the available information.

The vulnerability causes baseband crashes due to incorrect handling of LTE MAC packets with many MAC Control Elements, which may affect device stability and network connectivity.

Compliance Impact

The provided information does not specify any impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2025-58349 is a medium-severity vulnerability found in certain Samsung Exynos processors and modems. It occurs due to incorrect handling of LTE MAC packets that contain a large number of MAC Control Elements (CEs). This improper processing happens in the Layer 2 (L2) component of the LTE protocol stack.

Because of this flaw, the baseband processor can crash when processing these packets, which may disrupt the normal functioning of the device's communication capabilities.

Impact Analysis

This vulnerability can cause the baseband processor in affected Samsung devices to crash. Such crashes may lead to instability in the device and interruptions in network connectivity, potentially affecting voice, data, and other communication services.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-58349. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart