Source code: https://github.com/SyNSec-den/Loris
Reported 7 new 5G NR Vulnerabilities using Loris, 2025
- CVE-2024-52923
- CVE-2024-52924
- CVE-2025-26784
- CVE-2025-26785
- CVE-2025-27891
- Acknowledgement by Samsung:
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-26784/
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-26785/
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-27891/
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-52923/
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-52924/
- Bluetooth LE: CVE-2024-0045: Acknowledgement by Google.
- Awarded $29,250 for 1 critical and 2 high-severity vulnerabilities in Pixel phones, Google Bug Bounty (2025)
- Awarded $10,712 for 2 high- and 3 medium-severity vulnerabilities in Galaxy phones, Samsung Bug Bounty (2025)