Fastconnect 7800 Firmware Security Vulnerabilities - CVSS Score 9 - 10

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

CVE-2023-33058

Information disclosure in Modem while processing SIB5.

CVE-2023-33072

Memory corruption in Core while processing control functions.

CVE-2023-43518

Memory corruption in video while parsing invalid mp2 clip.

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.

CVE-2023-43534

Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.

CVE-2024-21456

Information Disclosure while parsing beacon frame in STA.