Samsung Mtower
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Samsung Mtower.
By the Year
In 2026 there have been 0 vulnerabilities in Samsung Mtower. Mtower did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 13 | 7.52 |
It may take a day or so for new Mtower vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Samsung Mtower Security Vulnerabilities
TEE_Realloc DoS in Samsung mTower 0.3.0 via Len Overrun
CVE-2022-40762
7.5 - High
- September 16, 2022
A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.
Allocation of Resources Without Limits or Throttling
DoS via tee_obj_free in Samsung mTower <=0.3.0
CVE-2022-40761
7.5 - High
- September 16, 2022
The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.
Improper Validation of Specified Quantity in Input
Samsung mTower 0.3.0 Buffer Access with Incorrect Length in TEE_MACUpdate
CVE-2022-40760
7.5 - High
- September 16, 2022
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.
Buffer Overflow
Samsung mTower <=0.3.0: NULL-Ptr TEE_MACCompareFinal DoS
CVE-2022-40759
7.5 - High
- September 16, 2022
A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation.
NULL Pointer Dereference
Samsung mTower 0.3.0 DoS via TEE_CipherUpdate Buffer Access
CVE-2022-40758
7.5 - High
- September 16, 2022
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.
Buffer Overflow
Samsung mTower 0.3.0 DoS via TEE_MACComputeFinal Buffer Access
CVE-2022-40757
7.5 - High
- September 16, 2022
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
Buffer Overflow
Denial of Service via sign_pFwInfo in Samsung mTower <0.3.0
CVE-2022-39830
7.5 - High
- September 05, 2022
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
Samsung mTower <=0.3.0 NULL Pointer Deref in aes256_encrypt (EVP_CIPHER_CTX_new)
CVE-2022-39829
7.5 - High
- September 05, 2022
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
NULL Pointer Dereference
Samsung mTower <=0.3.0 EC_KEY_set_private_key Denial of Service
CVE-2022-39828
7.5 - High
- September 05, 2022
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
Samsung mTower v<0.3.0 NULL Pointer Deref via TEE_GetObjectInfo1
CVE-2022-36622
7.5 - High
- September 01, 2022
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
NULL Pointer Dereference
Samsung mTower <=0.3.0 NULL Ptr Deref via TEE_AllocTransient
CVE-2022-36621
7.5 - High
- September 01, 2022
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
NULL Pointer Dereference
Excessive Memory Allocation in Samsung mTower <= 0.3.0 via TEE_Malloc
CVE-2022-38155
7.5 - High
- August 11, 2022
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.
Allocation of Resources Without Limits or Throttling
Samsung mTower 0.3.0 TEE_PopulateTransientObject Overflow (CVE-2022-35858)
CVE-2022-35858
7.8 - High
- August 04, 2022
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
Memory Leak
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Samsung Mtower or by Samsung? Click the Watch button to subscribe.
