Lucene search

QualcommCVE-2023-43545

HistoryJun 03, 2024 - 10:15 a.m.

CVE-2023-43545

2024-06-0310:15:10

CWE-190

qualcomm

web.nvd.nist.gov

nvd

vulnerability

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Memory corruption when more scan frequency list or channels are sent from the user space.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Consumer Electronics Connectivity",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AR8035"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "QCA6554A"
      },
      {
        "status": "affected",
        "version": "QCA6564AU"
      },
      {
        "status": "affected",
        "version": "QCA6574"
      },
      {
        "status": "affected",
        "version": "QCA6574A"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6584AU"
      },
      {
        "status": "affected",
        "version": "QCA6595"
      },
      {
        "status": "affected",
        "version": "QCA6595AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "QCA8081"
      },
      {
        "status": "affected",
        "version": "QCA8337"
      },
      {
        "status": "affected",
        "version": "QCC2073"
      },
      {
        "status": "affected",
        "version": "QCC2076"
      },
      {
        "status": "affected",
        "version": "QCC710"
      },
      {
        "status": "affected",
        "version": "QCN6224"
      },
      {
        "status": "affected",
        "version": "QCN6274"
      },
      {
        "status": "affected",
        "version": "QFW7114"
      },
      {
        "status": "affected",
        "version": "QFW7124"
      },
      {
        "status": "affected",
        "version": "SD660"
      },
      {
        "status": "affected",
        "version": "Snapdragon 660 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon X75 5G Modem-RF System"
      },
      {
        "status": "affected",
        "version": "WCD9335"
      },
      {
        "status": "affected",
        "version": "WCD9340"
      },
      {
        "status": "affected",
        "version": "WCD9341"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3990"
      }
    ]
  }
]

References

docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-43545