The vulnerability of the implementation of the WMI_REQUEST_STATS_CMDID command in Qualcomm’s embedded devices allows a hacker to execute arbitrary code.

The vulnerability of the WMIREQUESTSTATSCMDID implementation in Qualcomm’s embedded devices arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

PT-2023-1410 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform affected versions not specified Description: The issue is caused by a buffer overflow due to a buffer copy without checking the size of the input in the modem while receiving the WMI REQUEST STATS CMDID command. Thi...