Lucene search

[email protected]CVE-2023-33025

HistoryJan 02, 2024 - 6:15 a.m.

CVE-2023-33025

2024-01-0206:15:08

CWE-120

[email protected]

web.nvd.nist.gov

cve-2023-33025

memory corruption

data modem

volte call

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.3%

JSON

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.

Affected configurations

NVD

Node

qualcommar8035_firmwareMatch-

AND

qualcommar8035Match-

Node

qualcommfastconnect_6700_firmwareMatch-

AND

qualcommfastconnect_6700Match-

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommqca8081_firmwareMatch-

AND

qualcommqca8081Match-

Node

qualcommqca8337_firmwareMatch-

AND

qualcommqca8337Match-

Node

qualcommqcm4490_firmwareMatch-

AND

qualcommqcm4490Match-

Node

qualcommqcn6024_firmwareMatch-

AND

qualcommqcn6024Match-

Node

qualcommqcn9024_firmwareMatch-

AND

qualcommqcn9024Match-

Node

qualcommqcs4490_firmwareMatch-

AND

qualcommqcs4490Match-

Node

qualcommsm4450_firmwareMatch-

AND

qualcommsm4450Match-

Node

qualcommsnapdragon_680_4g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_680_4g_mobile_platformMatch-

Node

qualcommsnapdragon_685_4g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_685_4g_mobile_platformMatch-

Node

qualcommsnapdragon_x65_5g_modem-rf_system_firmwareMatch-

AND

qualcommsnapdragon_x65_5g_modem-rf_systemMatch-

Node

qualcommsnapdragon_x70_modem-rf_system_firmwareMatch-

AND

qualcommsnapdragon_x70_modem-rf_systemMatch-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcn3950_firmwareMatch-

AND

qualcommwcn3950Match-

Node

qualcommwcn3988_firmwareMatch-

AND

qualcommwcn3988Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:ar8035_firmwarequalcomm ar8035 firmwareeq-

CPE	Name	Operator	Version
qualcomm:ar8035_firmware	qualcomm ar8035 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AR8035"
      },
      {
        "status": "affected",
        "version": "FastConnect 6700"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "QCA8081"
      },
      {
        "status": "affected",
        "version": "QCA8337"
      },
      {
        "status": "affected",
        "version": "QCM4490"
      },
      {
        "status": "affected",
        "version": "QCN6024"
      },
      {
        "status": "affected",
        "version": "QCN9024"
      },
      {
        "status": "affected",
        "version": "QCS4490"
      },
      {
        "status": "affected",
        "version": "SM4450"
      },
      {
        "status": "affected",
        "version": "Snapdragon 680 4G Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
      },
      {
        "status": "affected",
        "version": "Snapdragon X65 5G Modem-RF System"
      },
      {
        "status": "affected",
        "version": "Snapdragon X70 Modem-RF System"
      },
      {
        "status": "affected",
        "version": "WCD9370"
      },
      {
        "status": "affected",
        "version": "WCD9375"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCN3950"
      },
      {
        "status": "affected",
        "version": "WCN3988"
      },
      {
        "status": "affected",
        "version": "WSA8810"
      },
      {
        "status": "affected",
        "version": "WSA8815"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8832"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.3%

JSON

Related for CVE-2023-33025

prion1 cvelist1 nvd1