Sm7350-Ab Firmware Security Vulnerabilities - CVSS Score 9 - 10

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

CVE-2022-33288

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.