Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-2273
Vulnerability from csaf_certbund
Published
2023-09-05 22:00
Modified
2023-09-05 22:00
Summary
Google Android: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Android
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Android", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2273 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2273.json" }, { "category": "self", "summary": "WID-SEC-2023-2273 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2273" }, { "category": "external", "summary": "Android Security Bulletin vom 2023-09-05", "url": "https://source.android.com/docs/security/bulletin/2023-09-01" } ], "source_lang": "en-US", "title": "Google Android: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-05T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:43:08.671+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2273", "initial_release_date": "2023-09-05T22:00:00.000+00:00", "revision_history": [ { "date": "2023-09-05T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Google Android \u003c= 13", "product": { "name": "Google Android \u003c= 13", "product_id": "T029729", "product_identification_helper": { "cpe": "cpe:/o:google:android:13" } } } ], "category": "vendor", "name": "Google" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-35687", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35687" }, { "cve": "CVE-2023-35684", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35684" }, { "cve": "CVE-2023-35683", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35683" }, { "cve": "CVE-2023-35682", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35682" }, { "cve": "CVE-2023-35681", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35681" }, { "cve": "CVE-2023-35680", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35680" }, { "cve": "CVE-2023-35679", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35679" }, { "cve": "CVE-2023-35677", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35677" }, { "cve": "CVE-2023-35676", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35676" }, { "cve": "CVE-2023-35675", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35675" }, { "cve": "CVE-2023-35674", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35674" }, { "cve": "CVE-2023-35673", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35673" }, { "cve": "CVE-2023-35671", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35671" }, { "cve": "CVE-2023-35670", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35670" }, { "cve": "CVE-2023-35669", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35669" }, { "cve": "CVE-2023-35667", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35667" }, { "cve": "CVE-2023-35666", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35666" }, { "cve": "CVE-2023-35665", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35665" }, { "cve": "CVE-2023-35664", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35664" }, { "cve": "CVE-2023-35658", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-35658" }, { "cve": "CVE-2023-33021", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-33021" }, { "cve": "CVE-2023-33019", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-33019" }, { "cve": "CVE-2023-33016", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-33016" }, { "cve": "CVE-2023-33015", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-33015" }, { "cve": "CVE-2023-28584", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-28584" }, { "cve": "CVE-2023-28581", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-28581" }, { "cve": "CVE-2023-28573", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-28573" }, { "cve": "CVE-2023-28549", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-28549" }, { "cve": "CVE-2023-28538", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-28538" }, { "cve": "CVE-2023-21653", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-21653" }, { "cve": "CVE-2023-21646", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2023-21646" }, { "cve": "CVE-2022-40534", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Google Android. Diese Fehler sind im Android-System, im Framework, im Google Play-System und im Kernel vorhanden und richten sich an Drittanbieter. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung kann eine Benutzerinteraktion erforderlich sein." } ], "product_status": { "last_affected": [ "T029729" ] }, "release_date": "2023-09-05T22:00:00Z", "title": "CVE-2022-40534" } ] }
cve-2023-35673
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:33
Severity ?
EPSS score ?
Summary
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8770c07c102c7fdc74626dc717acc8f6dd1c92cc" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35673", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:17:07.882223Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:33:31.585Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:42.035Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8770c07c102c7fdc74626dc717acc8f6dd1c92cc" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35673", "datePublished": "2023-09-11T20:09:53.391Z", "dateReserved": "2023-06-15T02:50:29.820Z", "dateUpdated": "2024-09-26T14:33:31.585Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35683
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 15:47
Severity ?
EPSS score ?
Summary
In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.641Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/23d156ed1bed6d2c2b325f0be540d0afca510c49" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35683", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:46:44.085863Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:47:01.584Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:45.309Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/23d156ed1bed6d2c2b325f0be540d0afca510c49" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35683", "datePublished": "2023-09-11T20:09:55.077Z", "dateReserved": "2023-06-15T02:50:31.873Z", "dateUpdated": "2024-09-26T15:47:01.584Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35675
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:30
Severity ?
EPSS score ?
Summary
In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.580Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/c1cf4b9746c9641190730172522324ccd5b8c914" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35675", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:14:21.302181Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:30:04.570Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:42.742Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/c1cf4b9746c9641190730172522324ccd5b8c914" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35675", "datePublished": "2023-09-11T20:09:53.771Z", "dateReserved": "2023-06-15T02:50:31.872Z", "dateUpdated": "2024-09-26T14:30:04.570Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21653
Vulnerability from cvelistv5
Published
2023-09-05 06:23
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Transient DOS in Modem while processing RRC reconfiguration message.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: QCA8081 Version: QCA8337 Version: QCN6024 Version: QCN9024 Version: SDX65 Version: SDX70M Version: WCD9380 Version: WCN6855 Version: WCN6856 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8035_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8081_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8337_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6024_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9024_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx65_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx70m_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9380_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6855_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6856_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-21653", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-12T19:51:30.562905Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:19:49.902Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "SDX65" }, { "status": "affected", "version": "SDX70M" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCN6855" }, { "status": "affected", "version": "WCN6856" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in Modem while processing RRC reconfiguration message." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:21:38.721Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Reachable Assertion in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-21653", "datePublished": "2023-09-05T06:23:56.700Z", "dateReserved": "2022-12-07T02:58:25.868Z", "dateUpdated": "2024-08-02T09:44:01.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35679
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 15:45
Severity ?
EPSS score ?
Summary
In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.354Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35679", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:45:10.737790Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:45:20.974Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:43.809Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35679", "datePublished": "2023-09-11T20:09:54.343Z", "dateReserved": "2023-06-15T02:50:31.872Z", "dateUpdated": "2024-09-26T15:45:20.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35667
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:47
Severity ?
EPSS score ?
Summary
In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/d8355ac47e068ad20c6a7b1602e72f0585ec0085" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35667", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:37:12.151553Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:47:51.656Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:40.586Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/d8355ac47e068ad20c6a7b1602e72f0585ec0085" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35667", "datePublished": "2023-09-11T20:09:52.613Z", "dateReserved": "2023-06-15T02:50:29.819Z", "dateUpdated": "2024-09-26T14:47:51.656Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35687
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 15:49
Severity ?
EPSS score ?
Summary
In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35687", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:49:05.405485Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:49:16.654Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:46.031Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35687", "datePublished": "2023-09-11T20:09:55.452Z", "dateReserved": "2023-06-15T02:50:33.961Z", "dateUpdated": "2024-09-26T15:49:16.654Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28581
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: QCA6391 Version: QCA6426 Version: QCA6436 Version: SD 8 Gen1 5G Version: SD865 5G Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon XR2 5G Platform Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2230P Version: WCD9380 Version: WCD9385 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:22.572Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:22:55.750Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Firmware" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-28581", "datePublished": "2023-09-05T06:24:26.366Z", "dateReserved": "2023-03-17T11:41:45.852Z", "dateUpdated": "2024-08-02T13:43:22.572Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21646
Vulnerability from cvelistv5
Published
2023-09-05 06:23
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Transient DOS in Modem while processing invalid System Information Block 1.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: QCA6390 Version: QCA6391 Version: QCA6574A Version: QCA6595AU Version: QCA6696 Version: QCA8081 Version: QCA8337 Version: QCM6490 Version: QCN6024 Version: QCN9024 Version: QCS6490 Version: QCX315 Version: SA515M Version: SD 8 Gen1 5G Version: SD480 Version: SD690 5G Version: SD695 Version: SD765 Version: SD765G Version: SD768G Version: SD778G Version: SD780G Version: SD865 5G Version: SD870 Version: SD888 5G Version: SDX55 Version: SDX55M Version: SDX65 Version: SDX70M Version: SM7250P Version: SM7325P Version: Snapdragon 4 Gen 1 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3988 Version: WCN3991 Version: WCN3998 Version: WCN6740 Version: WCN6750 Version: WCN6850 Version: WCN6851 Version: WCN6855 Version: WCN6856 Version: WCN7850 Version: WCN7851 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8835 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8035_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6390_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6391_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6696_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8081_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8337_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcm6490_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6024_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9024_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs6490_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcx315_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa515m_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd_8_gen1_5g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd480_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd690_5g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd695_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd765_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd765g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd768g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd778g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd780g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd865_5g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd870_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd888_5g_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx55_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx55m_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx65_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx70m_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7250p_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7325p_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_4_gen_1_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9341_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9360_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9370_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9375_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9380_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9385_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3988_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3991_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3998_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6740_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6750_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6850_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6851_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6855_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6856_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn7850_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn7851_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8810_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8815_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8830_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8835_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-21646", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-12T19:51:32.518961Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:19:41.852Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:02.064Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Industrial IOT", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "QCA6390" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCX315" }, { "status": "affected", "version": "SA515M" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD480" }, { "status": "affected", "version": "SD690 5G" }, { "status": "affected", "version": "SD695" }, { "status": "affected", "version": "SD765" }, { "status": "affected", "version": "SD765G" }, { "status": "affected", "version": "SD768G" }, { "status": "affected", "version": "SD778G" }, { "status": "affected", "version": "SD780G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD870" }, { "status": "affected", "version": "SD888 5G" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX55M" }, { "status": "affected", "version": "SDX65" }, { "status": "affected", "version": "SDX70M" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Snapdragon 4 Gen 1" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3991" }, { "status": "affected", "version": "WCN3998" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WCN6750" }, { "status": "affected", "version": "WCN6850" }, { "status": "affected", "version": "WCN6851" }, { "status": "affected", "version": "WCN6855" }, { "status": "affected", "version": "WCN6856" }, { "status": "affected", "version": "WCN7850" }, { "status": "affected", "version": "WCN7851" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in Modem while processing invalid System Information Block 1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:21:35.070Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Reachable Assertion in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-21646", "datePublished": "2023-09-05T06:23:55.261Z", "dateReserved": "2022-12-07T02:58:25.867Z", "dateUpdated": "2024-08-02T09:44:02.064Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33019
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: 9206 LTE Modem Version: APQ8017 Version: APQ8052 Version: APQ8056 Version: APQ8076 Version: AR8031 Version: C-V2X 9150 Version: CSRA6620 Version: CSRA6640 Version: FastConnect 6200 Version: Home Hub 100 Platform Version: MDM9250 Version: MDM9628 Version: MDM9650 Version: MSM8108 Version: MSM8209 Version: MSM8608 Version: MSM8909W Version: MSM8996AU Version: QCA6174A Version: QCA6175A Version: QCA6554A Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584 Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA9367 Version: QCA9377 Version: QCA9379 Version: Qualcomm 205 Mobile Platform Version: Qualcomm 215 Mobile Platform Version: SD626 Version: SDM429W Version: SDX20M Version: Smart Audio 200 Platform Version: Smart Audio 400 Platform Version: Smart Display 200 Platform (APQ5053-AA) Version: Snapdragon 1200 Wearable Platform Version: Snapdragon 208 Processor Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 425 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 439 Mobile Platform Version: Snapdragon 450 Mobile Platform Version: Snapdragon 617 Processor Version: Snapdragon 625 Mobile Platform Version: Snapdragon 626 Mobile Platform Version: Snapdragon 632 Mobile Platform Version: Snapdragon 650 Mobile Platform Version: Snapdragon 652 Mobile Platform Version: Snapdragon 653 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Wear 2100 Platform Version: Snapdragon Wear 2500 Platform Version: Snapdragon Wear 3100 Platform Version: Snapdragon Wear 4100+ Platform Version: Snapdragon X12 LTE Modem Version: Snapdragon X20 LTE Modem Version: Snapdragon X5 LTE Modem Version: Vision Intelligence 100 Platform (APQ8053-AA) Version: Vision Intelligence 200 Platform (APQ8053-AC) Version: WCD9326 Version: WCD9330 Version: WCD9335 Version: WCN3610 Version: WCN3615 Version: WCN3620 Version: WCN3660 Version: WCN3660B Version: WCN3680 Version: WCN3680B Version: WCN3980 Version: WSA8810 Version: WSA8815 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "9206_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8017_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8052_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8056_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8076_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8031_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "c-v2x_9150_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "csra6620_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "csra6640_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6200_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:home_hub_100_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "home_hub_100_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9250_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9628_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9650_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8108_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8209_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8608_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8909w_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8996au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6174a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6175a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6554a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6564a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6564au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574a_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6584_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6584au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595au_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6696_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9367_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9377_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9379_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qualcomm_205_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qualcomm_205_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qualcomm_215_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qualcomm_215_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd626_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdm429w_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx20m_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:smart_audio_200_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "smart_audio_200_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "smart_audio_400_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_1200_wearable_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_208_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_208_processor_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_210_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_210_processor_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_212_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_212_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_425_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_425_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_429_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_439_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_439_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_450_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_450_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_617_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_617_processor_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_625_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_625_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_626_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_626_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_632_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_632_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_650_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_650_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_652_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_652_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_653_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_653_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_820_automotive_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_820_automotive_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_auto_5g_modem-rf_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_wear_2100_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_wear_2100_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_wear_2500_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_wear_2500_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_wear_3100_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_wear_3100_platform_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x12_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x12_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x20_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x20_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x5_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9326_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9330_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9335_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3610_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3615_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3620_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3660_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3660b_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3680_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3680b_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3980_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8810_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8815_firmware", "vendor": "qualcomm", "versions": [ { "status": "affected", "version": "*" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-33019", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-12T19:51:28.250756Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:06.151Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:32:46.604Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "9206 LTE Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "APQ8052" }, { "status": "affected", "version": "APQ8056" }, { "status": "affected", "version": "APQ8076" }, { "status": "affected", "version": "AR8031" }, { "status": "affected", "version": "C-V2X 9150" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "Home Hub 100 Platform" }, { "status": "affected", "version": "MDM9250" }, { "status": "affected", "version": "MDM9628" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "MSM8108" }, { "status": "affected", "version": "MSM8209" }, { "status": "affected", "version": "MSM8608" }, { "status": "affected", "version": "MSM8909W" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6175A" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA9367" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCA9379" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm 215 Mobile Platform" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX20M" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 1200 Wearable Platform" }, { "status": "affected", "version": "Snapdragon 208 Processor" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 425 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 439 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 450 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 617 Processor" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 632 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 650 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 652 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 653 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Wear 2100 Platform" }, { "status": "affected", "version": "Snapdragon Wear 2500 Platform" }, { "status": "affected", "version": "Snapdragon Wear 3100 Platform" }, { "status": "affected", "version": "Snapdragon Wear 4100+ Platform" }, { "status": "affected", "version": "Snapdragon X12 LTE Modem" }, { "status": "affected", "version": "Snapdragon X20 LTE Modem" }, { "status": "affected", "version": "Snapdragon X5 LTE Modem" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9330" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-285", "description": "CWE-285 Improper Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:23:09.464Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Authorization in WLAN Host" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-33019", "datePublished": "2023-09-05T06:24:31.530Z", "dateReserved": "2023-05-17T09:28:53.119Z", "dateUpdated": "2024-08-02T15:32:46.604Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35680
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-10-29 17:59
Severity ?
EPSS score ?
Summary
In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.575Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/services/Telephony/+/674039e70e1c5bf29b808899ac80c709acc82290" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35680", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:45:40.751292Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-470", "description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-29T17:59:02.103Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:44.159Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/services/Telephony/+/674039e70e1c5bf29b808899ac80c709acc82290" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35680", "datePublished": "2023-09-11T20:09:54.517Z", "dateReserved": "2023-06-15T02:50:31.873Z", "dateUpdated": "2024-10-29T17:59:02.103Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33015
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: AQT1000 Version: AR8035 Version: AR9380 Version: CSR8811 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: IPQ4018 Version: IPQ4028 Version: IPQ4029 Version: IPQ5010 Version: IPQ5028 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8064 Version: IPQ8065 Version: IPQ8068 Version: IPQ8069 Version: IPQ8070 Version: IPQ8070A Version: IPQ8071A Version: IPQ8072A Version: IPQ8074 Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: PMP8074 Version: QAM8255P Version: QAM8295P Version: QCA1062 Version: QCA1064 Version: QCA2062 Version: QCA2064 Version: QCA2065 Version: QCA2066 Version: QCA4024 Version: QCA6310 Version: QCA6335 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6428 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6438 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8072 Version: QCA8075 Version: QCA8081 Version: QCA8337 Version: QCA9886 Version: QCA9888 Version: QCA9889 Version: QCA9898 Version: QCA9980 Version: QCA9984 Version: QCA9985 Version: QCA9986 Version: QCA9990 Version: QCA9992 Version: QCA9994 Version: QCM4490 Version: QCM6490 Version: QCN5021 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5054 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN6023 Version: QCN6024 Version: QCN6122 Version: QCN6132 Version: QCN7605 Version: QCN7606 Version: QCN9000 Version: QCN9011 Version: QCN9012 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCS4490 Version: QCS6490 Version: QCS8250 Version: QCS8550 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: QSM8350 Version: Robotics RB5 Platform Version: SA4150P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SC8180X+SDX55 Version: SD 8 Gen1 5G Version: SD865 5G Version: SD888 Version: SDX55 Version: SM7315 Version: SM7325P Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Version: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Version: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Version: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3950 Version: WCN3980 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:32:46.747Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "AR9380" }, { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "IPQ4018" }, { "status": "affected", "version": "IPQ4028" }, { "status": "affected", "version": "IPQ4029" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8064" }, { "status": "affected", "version": "IPQ8065" }, { "status": "affected", "version": "IPQ8068" }, { "status": "affected", "version": "IPQ8069" }, { "status": "affected", "version": "IPQ8070" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "PMP8074" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA1062" }, { "status": "affected", "version": "QCA1064" }, { "status": "affected", "version": "QCA2062" }, { "status": "affected", "version": "QCA2064" }, { "status": "affected", "version": "QCA2065" }, { "status": "affected", "version": "QCA2066" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6428" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6438" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8072" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9886" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCA9898" }, { "status": "affected", "version": "QCA9980" }, { "status": "affected", "version": "QCA9984" }, { "status": "affected", "version": "QCA9985" }, { "status": "affected", "version": "QCA9986" }, { "status": "affected", "version": "QCA9990" }, { "status": "affected", "version": "QCA9992" }, { "status": "affected", "version": "QCA9994" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN5021" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5054" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN7605" }, { "status": "affected", "version": "QCN7606" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:23:02.568Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Buffer Over-read in WLAN Firmware" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-33015", "datePublished": "2023-09-05T06:24:29.035Z", "dateReserved": "2023-05-17T09:28:53.119Z", "dateUpdated": "2024-08-02T15:32:46.747Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33016
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: CSR8811 Version: FastConnect 6900 Version: FastConnect 7800 Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: IPQ5010 Version: IPQ5028 Version: IPQ6000 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8070A Version: IPQ8071A Version: IPQ8072A Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: IPQ9574 Version: QCA4024 Version: QCA8075 Version: QCA8081 Version: QCA8082 Version: QCA8084 Version: QCA8085 Version: QCA8386 Version: QCA9888 Version: QCA9889 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN6023 Version: QCN6024 Version: QCN6122 Version: QCN6132 Version: QCN9000 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCN9274 Version: QCS8550 Version: SD 8 Gen1 5G Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon AR2 Gen 1 Platform Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2230P Version: WCD9380 Version: WCD9385 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:32:46.662Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ6000" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "IPQ9574" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8082" }, { "status": "affected", "version": "QCA8084" }, { "status": "affected", "version": "QCA8085" }, { "status": "affected", "version": "QCA8386" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in WLAN firmware while parsing MLO (multi-link operation)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:23:06.061Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Buffer Over-read in WLAN Firmware" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-33016", "datePublished": "2023-09-05T06:24:30.323Z", "dateReserved": "2023-05-17T09:28:53.119Z", "dateUpdated": "2024-08-02T15:32:46.662Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35674
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:31
Severity ?
EPSS score ?
Summary
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.419Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/7428962d3b064ce1122809d87af65099d1129c9e" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35674", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:15:36.373187Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-09-13", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-35674" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:31:47.277Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:42.390Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/7428962d3b064ce1122809d87af65099d1129c9e" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35674", "datePublished": "2023-09-11T20:09:53.580Z", "dateReserved": "2023-06-15T02:50:29.820Z", "dateUpdated": "2024-09-26T14:31:47.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28538
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: AQT1000 Version: CSRA6620 Version: CSRA6640 Version: FastConnect 6200 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: FSM10056 Version: QCA6174A Version: QCA6310 Version: QCA6335 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCM2290 Version: QCM4290 Version: QCM4325 Version: QCM6125 Version: QCN7606 Version: QCN9011 Version: QCN9012 Version: QCS2290 Version: QCS410 Version: QCS4290 Version: QCS610 Version: QCS6125 Version: QCS8155 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: Qualcomm Robotics RB3 Platform Version: Qualcomm Robotics RB5 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SC8180X+SDX55 Version: SD 675 Version: SD 8 Gen1 5G Version: SD 8CX Version: SD 8cx Gen2 Version: SD460 Version: SD480 Version: SD662 Version: SD665 Version: SD670 Version: SD675 Version: SD678 Version: SD680 Version: SD690 5G Version: SD695 Version: SD710 Version: SD712 Version: SD720G Version: SD730 Version: SD750G Version: SD765 Version: SD765G Version: SD768G Version: SD7c Version: SD845 Version: SD855 Version: SD865 5G Version: SD870 Version: SDX55 Version: SG4150P Version: SM4125 Version: SM6250 Version: SM6250P Version: SM7250P Version: Smart Audio 200 Platform Version: Snapdragon 850 Mobile Compute Platform Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon 4 Gen 1 Version: SSG2115P Version: SSG2125P Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: Vision Intelligence 300 Platform Version: Vision Intelligence 400 Platform Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9371 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:22.704Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "FSM10056" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCN7606" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS8155" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "Qualcomm Robotics RB3 Platform" }, { "status": "affected", "version": "Qualcomm Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD 8CX" }, { "status": "affected", "version": "SD 8cx Gen2" }, { "status": "affected", "version": "SD460" }, { "status": "affected", "version": "SD480" }, { "status": "affected", "version": "SD662" }, { "status": "affected", "version": "SD665" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD678" }, { "status": "affected", "version": "SD680" }, { "status": "affected", "version": "SD690 5G" }, { "status": "affected", "version": "SD695" }, { "status": "affected", "version": "SD710" }, { "status": "affected", "version": "SD712" }, { "status": "affected", "version": "SD720G" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD750G" }, { "status": "affected", "version": "SD765" }, { "status": "affected", "version": "SD765G" }, { "status": "affected", "version": "SD768G" }, { "status": "affected", "version": "SD7c" }, { "status": "affected", "version": "SD845" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD870" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6250P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Snapdragon 850 Mobile Compute Platform" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "Vision Intelligence 300 Platform" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9371" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:22:03.130Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Stack-based Buffer Overflow in WIN Product" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-28538", "datePublished": "2023-09-05T06:24:05.510Z", "dateReserved": "2023-03-17T11:41:45.845Z", "dateUpdated": "2024-08-02T13:43:22.704Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28549
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: AQT1000 Version: AR8035 Version: AR9380 Version: CSR8811 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: IPQ4018 Version: IPQ4019 Version: IPQ4028 Version: IPQ4029 Version: IPQ5010 Version: IPQ5028 Version: IPQ6000 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8064 Version: IPQ8065 Version: IPQ8068 Version: IPQ8070 Version: IPQ8070A Version: IPQ8071 Version: IPQ8071A Version: IPQ8072 Version: IPQ8072A Version: IPQ8074 Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: IPQ9008 Version: IPQ9574 Version: PMP8074 Version: QAM8295P Version: QCA1062 Version: QCA1064 Version: QCA2062 Version: QCA2064 Version: QCA2065 Version: QCA2066 Version: QCA4024 Version: QCA6310 Version: QCA6320 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6428 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6438 Version: QCA6554A Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6696 Version: QCA6698AQ Version: QCA7500 Version: QCA8072 Version: QCA8075 Version: QCA8081 Version: QCA8082 Version: QCA8084 Version: QCA8085 Version: QCA8337 Version: QCA8386 Version: QCA9880 Version: QCA9886 Version: QCA9888 Version: QCA9889 Version: QCA9898 Version: QCA9980 Version: QCA9984 Version: QCA9985 Version: QCA9986 Version: QCA9990 Version: QCA9992 Version: QCA9994 Version: QCM4490 Version: QCM6490 Version: QCN5021 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5054 Version: QCN5064 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN5550 Version: QCN6023 Version: QCN6024 Version: QCN6100 Version: QCN6102 Version: QCN6112 Version: QCN6122 Version: QCN6132 Version: QCN9000 Version: QCN9001 Version: QCN9002 Version: QCN9003 Version: QCN9011 Version: QCN9012 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCN9274 Version: QCS4490 Version: QCS6490 Version: QCS8250 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: QSM8350 Version: Qualcomm Robotics RB5 Platform Version: SA4150P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8295P Version: SC8180X+SDX55 Version: SD 455 Version: SD 8 Gen1 5G Version: SD660 Version: SD835 Version: SD865 5G Version: SD888 Version: SDX55 Version: SM4450 Version: SM7250P Version: SM7315 Version: SM7325P Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 630 Mobile Platform Version: Snapdragon 636 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 690 5G Mobile Platform Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 750G 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Version: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Version: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Version: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SSG2115P Version: SSG2125P Version: SW5100 Version: SW5100P Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:22.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "AR9380" }, { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "IPQ4018" }, { "status": "affected", "version": "IPQ4019" }, { "status": "affected", "version": "IPQ4028" }, { "status": "affected", "version": "IPQ4029" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ6000" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8064" }, { "status": "affected", "version": "IPQ8065" }, { "status": "affected", "version": "IPQ8068" }, { "status": "affected", "version": "IPQ8070" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "IPQ9008" }, { "status": "affected", "version": "IPQ9574" }, { "status": "affected", "version": "PMP8074" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA1062" }, { "status": "affected", "version": "QCA1064" }, { "status": "affected", "version": "QCA2062" }, { "status": "affected", "version": "QCA2064" }, { "status": "affected", "version": "QCA2065" }, { "status": "affected", "version": "QCA2066" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6428" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6438" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA7500" }, { "status": "affected", "version": "QCA8072" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8082" }, { "status": "affected", "version": "QCA8084" }, { "status": "affected", "version": "QCA8085" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA8386" }, { "status": "affected", "version": "QCA9880" }, { "status": "affected", "version": "QCA9886" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCA9898" }, { "status": "affected", "version": "QCA9980" }, { "status": "affected", "version": "QCA9984" }, { "status": "affected", "version": "QCA9985" }, { "status": "affected", "version": "QCA9986" }, { "status": "affected", "version": "QCA9990" }, { "status": "affected", "version": "QCA9992" }, { "status": "affected", "version": "QCA9994" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN5021" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5054" }, { "status": "affected", "version": "QCN5064" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN5550" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6100" }, { "status": "affected", "version": "QCN6102" }, { "status": "affected", "version": "QCN6112" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9001" }, { "status": "affected", "version": "QCN9002" }, { "status": "affected", "version": "QCN9003" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Qualcomm Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SD 455" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM4450" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 630 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 636 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:22:17.450Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-28549", "datePublished": "2023-09-05T06:24:11.272Z", "dateReserved": "2023-03-17T11:41:45.846Z", "dateUpdated": "2024-08-02T13:43:22.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40534
Vulnerability from cvelistv5
Published
2023-09-05 06:23
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
Memory corruption due to improper validation of array index in Audio.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: FastConnect 6900 Version: FastConnect 7800 Version: Snapdragon W5+ Gen 1 Wearable Platform Version: SW5100 Version: SW5100P Version: SXR2230P Version: WCD9380 Version: WCD9385 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:21:45.583Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Compute", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption due to improper validation of array index in Audio." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:21:24.627Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Validation of Array Index in Audio" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2022-40534", "datePublished": "2023-09-05T06:23:51.581Z", "dateReserved": "2022-09-12T09:37:28.420Z", "dateUpdated": "2024-08-03T12:21:45.583Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35684
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 15:47
Severity ?
EPSS score ?
Summary
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.483Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35684", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:47:19.045836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:47:27.807Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:45.658Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35684", "datePublished": "2023-09-11T20:09:55.266Z", "dateReserved": "2023-06-15T02:50:31.873Z", "dateUpdated": "2024-09-26T15:47:27.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35665
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:45
Severity ?
EPSS score ?
Summary
In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.582Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/services/Telephony/+/674039e70e1c5bf29b808899ac80c709acc82290" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35665", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:41:56.262255Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:45:15.695Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:39.827Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/services/Telephony/+/674039e70e1c5bf29b808899ac80c709acc82290" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35665", "datePublished": "2023-09-11T20:09:52.237Z", "dateReserved": "2023-06-15T02:50:29.818Z", "dateUpdated": "2024-09-26T14:45:15.695Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35658
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:51
Severity ?
EPSS score ?
Summary
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.908Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35658", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:50:27.908286Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:51:50.005Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:39.115Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35658", "datePublished": "2023-09-11T20:09:51.810Z", "dateReserved": "2023-06-15T02:50:10.272Z", "dateUpdated": "2024-09-26T14:51:50.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28584
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: AQT1000 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QCA6310 Version: QCA6320 Version: QCA6420 Version: QCA6430 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCM4325 Version: QCM4490 Version: QCS410 Version: QCS4490 Version: QCS610 Version: QCS8550 Version: SA4150P Version: SA6155P Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SD 8 Gen1 5G Version: SD835 Version: SD855 Version: SG4150P Version: SM4450 Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Auto 4G Modem Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2230P Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:23.661Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4450" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-285", "description": "CWE-285 Improper Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:22:59.118Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Authorization in WLAN Host" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-28584", "datePublished": "2023-09-05T06:24:27.838Z", "dateReserved": "2023-03-17T11:41:45.852Z", "dateUpdated": "2024-08-02T13:43:23.661Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35677
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-10-29 17:52
Severity ?
EPSS score ?
Summary
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.175Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/846180c19f68f6fb1b0653356401d3235fef846e" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35677", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:44:29.953339Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-29T17:52:42.588Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:43.440Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/846180c19f68f6fb1b0653356401d3235fef846e" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35677", "datePublished": "2023-09-11T20:09:54.167Z", "dateReserved": "2023-06-15T02:50:31.872Z", "dateUpdated": "2024-10-29T17:52:42.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35670
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-08-02 16:30
Severity ?
EPSS score ?
Summary
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps\u0027 external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:41.312Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35670", "datePublished": "2023-09-11T20:09:52.999Z", "dateReserved": "2023-06-15T02:50:29.819Z", "dateUpdated": "2024-08-02T16:30:43.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35669
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:25
Severity ?
EPSS score ?
Summary
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.426Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35669", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:22:25.092966Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:25:51.263Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:40.959Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35669", "datePublished": "2023-09-11T20:09:52.808Z", "dateReserved": "2023-06-15T02:50:29.819Z", "dateUpdated": "2024-09-26T14:25:51.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28573
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
Memory corruption in WLAN HAL while parsing WMI command parameters.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: AQT1000 Version: AR8035 Version: AR9380 Version: CSR8811 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: IPQ5010 Version: IPQ5028 Version: IPQ6000 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8064 Version: IPQ8065 Version: IPQ8068 Version: IPQ8070 Version: IPQ8070A Version: IPQ8071 Version: IPQ8071A Version: IPQ8072 Version: IPQ8072A Version: IPQ8074 Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: IPQ9008 Version: IPQ9574 Version: PMP8074 Version: QAM8255P Version: QAM8295P Version: QCA1062 Version: QCA1064 Version: QCA2062 Version: QCA2064 Version: QCA2065 Version: QCA2066 Version: QCA4024 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8072 Version: QCA8075 Version: QCA8081 Version: QCA8082 Version: QCA8084 Version: QCA8085 Version: QCA8337 Version: QCA8386 Version: QCA9886 Version: QCA9888 Version: QCA9889 Version: QCA9980 Version: QCA9984 Version: QCA9985 Version: QCA9986 Version: QCA9990 Version: QCA9992 Version: QCA9994 Version: QCM4490 Version: QCM6490 Version: QCN5021 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5054 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN6023 Version: QCN6024 Version: QCN6100 Version: QCN6102 Version: QCN6112 Version: QCN6122 Version: QCN6132 Version: QCN9000 Version: QCN9001 Version: QCN9002 Version: QCN9003 Version: QCN9011 Version: QCN9012 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCN9274 Version: QCS4490 Version: QCS6490 Version: QCS8250 Version: QCS8550 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: QSM8350 Version: Robotics RB5 Platform Version: SA4150P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SC8180X+SDX55 Version: SD 8 Gen1 5G Version: SD865 5G Version: SD888 Version: SDX55 Version: SM7315 Version: SM7325P Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Version: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Version: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Version: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3950 Version: WCN3980 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:22.725Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "AR9380" }, { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ6000" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8064" }, { "status": "affected", "version": "IPQ8065" }, { "status": "affected", "version": "IPQ8068" }, { "status": "affected", "version": "IPQ8070" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "IPQ9008" }, { "status": "affected", "version": "IPQ9574" }, { "status": "affected", "version": "PMP8074" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA1062" }, { "status": "affected", "version": "QCA1064" }, { "status": "affected", "version": "QCA2062" }, { "status": "affected", "version": "QCA2064" }, { "status": "affected", "version": "QCA2065" }, { "status": "affected", "version": "QCA2066" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8072" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8082" }, { "status": "affected", "version": "QCA8084" }, { "status": "affected", "version": "QCA8085" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA8386" }, { "status": "affected", "version": "QCA9886" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCA9980" }, { "status": "affected", "version": "QCA9984" }, { "status": "affected", "version": "QCA9985" }, { "status": "affected", "version": "QCA9986" }, { "status": "affected", "version": "QCA9990" }, { "status": "affected", "version": "QCA9992" }, { "status": "affected", "version": "QCA9994" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN5021" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5054" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6100" }, { "status": "affected", "version": "QCN6102" }, { "status": "affected", "version": "QCN6112" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9001" }, { "status": "affected", "version": "QCN9002" }, { "status": "affected", "version": "QCN9003" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in WLAN HAL while parsing WMI command parameters." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:22:52.225Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Improper Validation of Array Index in WLAN HAL" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-28573", "datePublished": "2023-09-05T06:24:25.110Z", "dateReserved": "2023-03-17T11:41:45.850Z", "dateUpdated": "2024-08-02T13:43:22.725Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33021
Vulnerability from cvelistv5
Published
2023-09-05 06:24
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Memory corruption in Graphics while processing user packets for command submission.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: APQ8064AU Version: AQT1000 Version: AR8035 Version: CSRA6620 Version: CSRA6640 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Home Hub 100 Platform Version: MDM9650 Version: MSM8996AU Version: QAM8255P Version: QAM8295P Version: QCA6174A Version: QCA6310 Version: QCA6320 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCA9377 Version: QCA9379 Version: QCM4325 Version: QCM6490 Version: QCN6024 Version: QCN9011 Version: QCN9012 Version: QCN9024 Version: QCS410 Version: QCS610 Version: QCS6490 Version: QRB5165M Version: QRB5165N Version: Robotics RB5 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SD 675 Version: SD626 Version: SD660 Version: SD670 Version: SD675 Version: SD730 Version: SD835 Version: SD855 Version: SD865 5G Version: SD888 Version: SDX55 Version: SM6250 Version: SM6250P Version: SM7250P Version: SM7315 Version: SM7325P Version: Smart Audio 200 Platform Version: Smart Audio 400 Platform Version: Smart Display 200 Platform (APQ5053-AA) Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 439 Mobile Platform Version: Snapdragon 450 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 625 Mobile Platform Version: Snapdragon 626 Mobile Platform Version: Snapdragon 630 Mobile Platform Version: Snapdragon 632 Mobile Platform Version: Snapdragon 636 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 670 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 690 5G Mobile Platform Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 710 Mobile Platform Version: Snapdragon 720G Mobile Platform Version: Snapdragon 730 Mobile Platform (SM7150-AA) Version: Snapdragon 730G Mobile Platform (SM7150-AB) Version: Snapdragon 732G Mobile Platform (SM7150-AC) Version: Snapdragon 750G 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X12 LTE Modem Version: Snapdragon X24 LTE Modem Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: Vision Intelligence 100 Platform (APQ8053-AA) Version: Vision Intelligence 200 Platform (APQ8053-AC) Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9371 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3610 Version: WCN3615 Version: WCN3660 Version: WCN3660B Version: WCN3680B Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6740 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8835 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:32:46.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "APQ8064AU" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Home Hub 100 Platform" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCA9379" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6250P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 439 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 450 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 630 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 632 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 636 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X12 LTE Modem" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9371" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3660" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in Graphics while processing user packets for command submission." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:23:16.342Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "title": "Use After Free in Graphics" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-33021", "datePublished": "2023-09-05T06:24:34.185Z", "dateReserved": "2023-05-17T09:28:53.120Z", "dateUpdated": "2024-08-02T15:32:46.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35681
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 15:46
Severity ?
EPSS score ?
Summary
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.905Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35681", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:46:14.631547Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:46:22.621Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" } ] } ], "descriptions": [ { "lang": "en", "value": "In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:44.515Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35681", "datePublished": "2023-09-11T20:09:54.702Z", "dateReserved": "2023-06-15T02:50:31.873Z", "dateUpdated": "2024-09-26T15:46:22.621Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35671
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:34
Severity ?
EPSS score ?
Summary
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.985Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/apps/Nfc/+/745632835f3d97513a9c2a96e56e1dc06c4e4176" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35671", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:20:23.873620Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:34:53.613Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:41.672Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/apps/Nfc/+/745632835f3d97513a9c2a96e56e1dc06c4e4176" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35671", "datePublished": "2023-09-11T20:09:53.198Z", "dateReserved": "2023-06-15T02:50:29.819Z", "dateUpdated": "2024-09-26T14:34:53.613Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35666
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:40
Severity ?
EPSS score ?
Summary
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b7ea57f620436c83a9766f928437ddadaa232e3a" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "11" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35666", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:39:06.598682Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:40:39.522Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:40.173Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b7ea57f620436c83a9766f928437ddadaa232e3a" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35666", "datePublished": "2023-09-11T20:09:52.427Z", "dateReserved": "2023-06-15T02:50:29.819Z", "dateUpdated": "2024-09-26T14:40:39.522Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35676
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:28
Severity ?
EPSS score ?
Summary
In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.629Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "android", "vendor": "google", "versions": [ { "status": "affected", "version": "12" }, { "status": "affected", "version": "12l" }, { "status": "affected", "version": "13" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35676", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:12:12.416325Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:28:34.798Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" } ] } ], "descriptions": [ { "lang": "en", "value": "In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:43.088Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35676", "datePublished": "2023-09-11T20:09:53.971Z", "dateReserved": "2023-06-15T02:50:31.872Z", "dateUpdated": "2024-09-26T14:28:34.798Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35664
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-09-26 14:49
Severity ?
EPSS score ?
Summary
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:43.974Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/47299fd978258e67a8eebc361cb7a4dd2936205e" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35664", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:49:29.630893Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:49:42.795Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" } ] } ], "descriptions": [ { "lang": "en", "value": "In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:39.483Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/47299fd978258e67a8eebc361cb7a4dd2936205e" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35664", "datePublished": "2023-09-11T20:09:52.027Z", "dateReserved": "2023-06-15T02:50:10.273Z", "dateUpdated": "2024-09-26T14:49:42.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35682
Vulnerability from cvelistv5
Published
2023-09-11 20:09
Modified
2024-08-02 16:30
Severity ?
EPSS score ?
Summary
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:30:44.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" }, { "status": "affected", "version": "12L" }, { "status": "affected", "version": "12" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en", "value": "In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-11T20:16:44.869Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0" }, { "url": "https://source.android.com/security/bulletin/2023-09-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-35682", "datePublished": "2023-09-11T20:09:54.893Z", "dateReserved": "2023-06-15T02:50:31.873Z", "dateUpdated": "2024-08-02T16:30:44.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.