Vulnerability-Lookup

WID-SEC-W-2023-2539

Vulnerability from csaf_certbund - Published: 2023-10-03 22:00 - Updated: 2023-10-03 22:00

Summary

Samsung Android: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und seine Rechte zu erweitern.

Betroffene Betriebssysteme: - Android

CVE-2023-40140

Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enthält Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausführen, Sicherheitsmaßnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40139

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40138

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40137

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40136

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40135

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40134

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40133

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40131

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40130

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40129

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40128

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40127

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40125

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40123

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40121

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40120

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40117

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-40116

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-33021

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-33019

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-33016

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-33015

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30733

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30732

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30731

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30727

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30692

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-30690

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-28584

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-28581

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-28573

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-28549

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21653

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21646

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21291

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21266

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21253

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21252

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

CVE-2023-21244

Affected products

Known affected 3 products

Product	Identifier	Version
Samsung Android 11 Samsung / Android	`cpe:/o:samsung:android:11`	—
Samsung Android 12 Samsung / Android	`cpe:/o:samsung:android:12`	—
Samsung Android 13 Samsung / Android	`cpe:/o:samsung:android:13`	—

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://security.samsungmobile.com/securityUpdate.smsb	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und seine Rechte zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Android",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2539 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2539.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2539 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2539"
      },
      {
        "category": "external",
        "summary": "Samsung Security Advisory - SMR-OCT-2023 vom 2023-10-03",
        "url": "https://security.samsungmobile.com/securityUpdate.smsb"
      }
    ],
    "source_lang": "en-US",
    "title": "Samsung Android: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-10-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:59:20.607+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2539",
      "initial_release_date": "2023-10-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-10-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Samsung Android 11",
                "product": {
                  "name": "Samsung Android 11",
                  "product_id": "T027557",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:samsung:android:11"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Samsung Android 12",
                "product": {
                  "name": "Samsung Android 12",
                  "product_id": "T027558",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:samsung:android:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Samsung Android 13",
                "product": {
                  "name": "Samsung Android 13",
                  "product_id": "T030187",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:samsung:android:13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Android"
          }
        ],
        "category": "vendor",
        "name": "Samsung"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-40140",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40140"
    },
    {
      "cve": "CVE-2023-40139",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40139"
    },
    {
      "cve": "CVE-2023-40138",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40138"
    },
    {
      "cve": "CVE-2023-40137",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40137"
    },
    {
      "cve": "CVE-2023-40136",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40136"
    },
    {
      "cve": "CVE-2023-40135",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40135"
    },
    {
      "cve": "CVE-2023-40134",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40134"
    },
    {
      "cve": "CVE-2023-40133",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40133"
    },
    {
      "cve": "CVE-2023-40131",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40131"
    },
    {
      "cve": "CVE-2023-40130",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40130"
    },
    {
      "cve": "CVE-2023-40129",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40129"
    },
    {
      "cve": "CVE-2023-40128",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40128"
    },
    {
      "cve": "CVE-2023-40127",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40127"
    },
    {
      "cve": "CVE-2023-40125",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40125"
    },
    {
      "cve": "CVE-2023-40123",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40123"
    },
    {
      "cve": "CVE-2023-40121",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40121"
    },
    {
      "cve": "CVE-2023-40120",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40120"
    },
    {
      "cve": "CVE-2023-40117",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40117"
    },
    {
      "cve": "CVE-2023-40116",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-40116"
    },
    {
      "cve": "CVE-2023-33021",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-33021"
    },
    {
      "cve": "CVE-2023-33019",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-33019"
    },
    {
      "cve": "CVE-2023-33016",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-33016"
    },
    {
      "cve": "CVE-2023-33015",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-33015"
    },
    {
      "cve": "CVE-2023-30733",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30733"
    },
    {
      "cve": "CVE-2023-30732",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30732"
    },
    {
      "cve": "CVE-2023-30731",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30731"
    },
    {
      "cve": "CVE-2023-30727",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30727"
    },
    {
      "cve": "CVE-2023-30692",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30692"
    },
    {
      "cve": "CVE-2023-30690",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-30690"
    },
    {
      "cve": "CVE-2023-28584",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-28584"
    },
    {
      "cve": "CVE-2023-28581",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-28581"
    },
    {
      "cve": "CVE-2023-28573",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-28573"
    },
    {
      "cve": "CVE-2023-28549",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-28549"
    },
    {
      "cve": "CVE-2023-21653",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21653"
    },
    {
      "cve": "CVE-2023-21646",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21646"
    },
    {
      "cve": "CVE-2023-21291",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21291"
    },
    {
      "cve": "CVE-2023-21266",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21266"
    },
    {
      "cve": "CVE-2023-21253",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21253"
    },
    {
      "cve": "CVE-2023-21252",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21252"
    },
    {
      "cve": "CVE-2023-21244",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Samsung Android. Dieser Hinweis ist Teil des monatlichen Security Maintenance Release (SMR) Prozesses. Dieses SMR-Paket enth\u00e4lt Patches von Google und Samsung. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer beliebigen Code ausf\u00fchren, Sicherheitsma\u00dfnahmen umgehen, vertrauliche Informationen offenlegen und seine Privilegien ausweiten. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027557",
          "T027558",
          "T030187"
        ]
      },
      "release_date": "2023-10-03T22:00:00.000+00:00",
      "title": "CVE-2023-21244"
    }
  ]
}

CVE-2023-21244 (GCVE-0-2023-21244)

Vulnerability from cvelistv5 – Published: 2023-10-06 18:48 – Updated: 2025-05-01 19:16

Summary

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Severity

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

Elevation of privilege

Assigner

google_android

References

4 references

URL	Tags
https://android.googlesource.com/platform/framewo…
https://android.googlesource.com/platform/framewo…
https://android.googlesource.com/platform/framewo…
https://source.android.com/security/bulletin/2023-10-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 13 Affected: 12L Affected: 12 Affected: 11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:28:26.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/3a448067ac9ebdf669951e90678c2daa592a81d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/20aedba4998373addc2befcc455a118585559fef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/5a3d0c131175d923cf35c7beb3ee77a9e6485dad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2023-10-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-21244",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:26.570272Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-01T19:16:57.257Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            },
            {
              "status": "affected",
              "version": "11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-27T18:32:17.051Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/3a448067ac9ebdf669951e90678c2daa592a81d3"
        },
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/20aedba4998373addc2befcc455a118585559fef"
        },
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/5a3d0c131175d923cf35c7beb3ee77a9e6485dad"
        },
        {
          "url": "https://source.android.com/security/bulletin/2023-10-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21244",
    "datePublished": "2023-10-06T18:48:40.041Z",
    "dateReserved": "2022-11-03T22:37:50.652Z",
    "dateUpdated": "2025-05-01T19:16:57.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21252 (GCVE-0-2023-21252)

Vulnerability from cvelistv5 – Published: 2023-10-06 18:48 – Updated: 2024-09-19 16:10

Summary

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity

No CVSS data available.

CWE

Denial of service

Assigner

google_android

References

3 references

URL	Tags
https://android.googlesource.com/platform/package…
https://android.googlesource.com/platform/package…
https://source.android.com/security/bulletin/2023-10-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 13 Affected: 12L Affected: 12 Affected: 11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:28:26.230Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/044ab0684153c4effb9f4fda47df43ccdc77bda8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/50b08ee30e04d185e5ae97a5f717d436fd5a90f3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2023-10-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21252",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T16:09:29.128777Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T16:10:21.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            },
            {
              "status": "affected",
              "version": "11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-27T20:22:54.808Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/044ab0684153c4effb9f4fda47df43ccdc77bda8"
        },
        {
          "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/50b08ee30e04d185e5ae97a5f717d436fd5a90f3"
        },
        {
          "url": "https://source.android.com/security/bulletin/2023-10-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21252",
    "datePublished": "2023-10-06T18:48:40.232Z",
    "dateReserved": "2022-11-03T22:37:50.652Z",
    "dateUpdated": "2024-09-19T16:10:21.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21253 (GCVE-0-2023-21253)

Vulnerability from cvelistv5 – Published: 2023-10-06 18:48 – Updated: 2024-09-19 16:07

Summary

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity

No CVSS data available.

CWE

Denial of service

Assigner

google_android

References

4 references

URL	Tags
https://android.googlesource.com/platform/framewo…
https://android.googlesource.com/platform/tools/a…
https://android.googlesource.com/platform/tools/a…
https://source.android.com/security/bulletin/2023-10-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 13 Affected: 12L Affected: 12 Affected: 11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:28:26.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af23df66622b66246f3f61e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32ae0bb70dc85f5fd0e2be7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2023-10-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21253",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T16:06:19.036040Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T16:07:50.031Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            },
            {
              "status": "affected",
              "version": "11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-27T20:22:55.310Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529"
        },
        {
          "url": "https://android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af23df66622b66246f3f61e"
        },
        {
          "url": "https://android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32ae0bb70dc85f5fd0e2be7"
        },
        {
          "url": "https://source.android.com/security/bulletin/2023-10-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21253",
    "datePublished": "2023-10-06T18:48:40.422Z",
    "dateReserved": "2022-11-03T22:37:50.652Z",
    "dateUpdated": "2024-09-19T16:07:50.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21266 (GCVE-0-2023-21266)

Vulnerability from cvelistv5 – Published: 2023-10-06 18:48 – Updated: 2025-05-05 14:59

Summary

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Elevation of privilege

Assigner

google_android

References

2 references

URL	Tags
https://android.googlesource.com/platform/framewo…
https://source.android.com/security/bulletin/2024-06-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 13 Affected: 12L Affected: 12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:28:26.117Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/fa94ce5c7738e449cb6bd68c77af4858018e49e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2024-06-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-21266",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:25.036772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T14:59:28.865Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T20:09:14.813Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/fa94ce5c7738e449cb6bd68c77af4858018e49e0"
        },
        {
          "url": "https://source.android.com/security/bulletin/2024-06-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21266",
    "datePublished": "2023-10-06T18:48:40.618Z",
    "dateReserved": "2022-11-03T22:37:50.653Z",
    "dateUpdated": "2025-05-05T14:59:28.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21291 (GCVE-0-2023-21291)

Vulnerability from cvelistv5 – Published: 2023-10-06 18:48 – Updated: 2024-09-19 16:01

Summary

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

Severity

No CVSS data available.

CWE

Information disclosure

Assigner

google_android

References

2 references

URL	Tags
https://android.googlesource.com/platform/framewo…
https://source.android.com/security/bulletin/2023-10-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 13 Affected: 12L Affected: 12 Affected: 11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:36:33.200Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/cb6282e8970f4c9db5497889699e68fb2038566e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2023-10-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21291",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T15:58:24.714618Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T16:01:03.988Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            },
            {
              "status": "affected",
              "version": "11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-27T20:22:56.019Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/cb6282e8970f4c9db5497889699e68fb2038566e"
        },
        {
          "url": "https://source.android.com/security/bulletin/2023-10-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21291",
    "datePublished": "2023-10-06T18:48:40.793Z",
    "dateReserved": "2022-11-03T22:37:50.656Z",
    "dateUpdated": "2024-09-19T16:01:03.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21646 (GCVE-0-2023-21646)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:23 – Updated: 2024-08-02 09:44

Title

Reachable Assertion in Modem

Summary

Transient DOS in Modem while processing invalid System Information Block 1.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-617 - Reachable Assertion

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8035 Affected: QCA6390 Affected: QCA6391 Affected: QCA6574A Affected: QCA6595AU Affected: QCA6696 Affected: QCA8081 Affected: QCA8337 Affected: QCM6490 Affected: QCN6024 Affected: QCN9024 Affected: QCS6490 Affected: QCX315 Affected: SA515M Affected: SD 8 Gen1 5G Affected: SD480 Affected: SD690 5G Affected: SD695 Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD865 5G Affected: SD870 Affected: SD888 5G Affected: SDX55 Affected: SDX55M Affected: SDX65 Affected: SDX70M Affected: SM7250P Affected: SM7325P Affected: Snapdragon 4 Gen 1 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3988 Affected: WCN3991 Affected: WCN3998 Affected: WCN6740 Affected: WCN6750 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WCN7850 Affected: WCN7851 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8035_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6390_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6391_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6574a_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6595au_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6696_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8081_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8337_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcm6490_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn6024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn9024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs6490_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcx315_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa515m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd_8_gen1_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd480_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd690_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd695_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd765_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd765g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd768g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd778g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd780g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd865_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd870_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd888_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx55_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx55m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx65_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx70m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sm7250p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sm7325p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_4_gen_1_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9341_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9360_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9370_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9375_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3988_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3991_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3998_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6740_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6750_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6850_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6851_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6855_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6856_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7850_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn7851_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21646",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-12T19:51:32.518961Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:19:41.852Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:44:02.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "QCA6390"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QCX315"
            },
            {
              "status": "affected",
              "version": "SA515M"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD480"
            },
            {
              "status": "affected",
              "version": "SD690 5G"
            },
            {
              "status": "affected",
              "version": "SD695"
            },
            {
              "status": "affected",
              "version": "SD765"
            },
            {
              "status": "affected",
              "version": "SD765G"
            },
            {
              "status": "affected",
              "version": "SD768G"
            },
            {
              "status": "affected",
              "version": "SD778G"
            },
            {
              "status": "affected",
              "version": "SD780G"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SD870"
            },
            {
              "status": "affected",
              "version": "SD888 5G"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "SDX55M"
            },
            {
              "status": "affected",
              "version": "SDX65"
            },
            {
              "status": "affected",
              "version": "SDX70M"
            },
            {
              "status": "affected",
              "version": "SM7250P"
            },
            {
              "status": "affected",
              "version": "SM7325P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 4 Gen 1"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9360"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3991"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN6740"
            },
            {
              "status": "affected",
              "version": "WCN6750"
            },
            {
              "status": "affected",
              "version": "WCN6850"
            },
            {
              "status": "affected",
              "version": "WCN6851"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WCN7850"
            },
            {
              "status": "affected",
              "version": "WCN7851"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Transient DOS in Modem while processing invalid System Information Block 1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:21:35.070Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Reachable Assertion in Modem"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-21646",
    "datePublished": "2023-09-05T06:23:55.261Z",
    "dateReserved": "2022-12-07T02:58:25.867Z",
    "dateUpdated": "2024-08-02T09:44:02.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21653 (GCVE-0-2023-21653)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:23 – Updated: 2024-08-02 09:44

Title

Reachable Assertion in Modem

Summary

Transient DOS in Modem while processing RRC reconfiguration message.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-617 - Reachable Assertion

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8035 Affected: QCA8081 Affected: QCA8337 Affected: QCN6024 Affected: QCN9024 Affected: SDX65 Affected: SDX70M Affected: WCD9380 Affected: WCN6855 Affected: WCN6856

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8035_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8081_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8337_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn6024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn9024_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx65_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sdx70m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6855_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6856_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21653",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-12T19:51:30.562905Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:19:49.902Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:44:01.946Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "SDX65"
            },
            {
              "status": "affected",
              "version": "SDX70M"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Transient DOS in Modem while processing RRC reconfiguration message."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:21:38.721Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Reachable Assertion in Modem"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-21653",
    "datePublished": "2023-09-05T06:23:56.700Z",
    "dateReserved": "2022-12-07T02:58:25.868Z",
    "dateUpdated": "2024-08-02T09:44:01.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28549 (GCVE-0-2023-28549)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:24 – Updated: 2025-02-27 21:02

Title

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL

Summary

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: 315 5G IoT Modem Affected: AQT1000 Affected: AR8035 Affected: AR9380 Affected: CSR8811 Affected: CSRB31024 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Flight RB5 5G Platform Affected: Immersive Home 214 Platform Affected: Immersive Home 216 Platform Affected: Immersive Home 316 Platform Affected: Immersive Home 318 Platform Affected: IPQ4018 Affected: IPQ4019 Affected: IPQ4028 Affected: IPQ4029 Affected: IPQ5010 Affected: IPQ5028 Affected: IPQ6000 Affected: IPQ6010 Affected: IPQ6018 Affected: IPQ6028 Affected: IPQ8064 Affected: IPQ8065 Affected: IPQ8068 Affected: IPQ8070 Affected: IPQ8070A Affected: IPQ8071 Affected: IPQ8071A Affected: IPQ8072 Affected: IPQ8072A Affected: IPQ8074 Affected: IPQ8074A Affected: IPQ8076 Affected: IPQ8076A Affected: IPQ8078 Affected: IPQ8078A Affected: IPQ8173 Affected: IPQ8174 Affected: IPQ9008 Affected: IPQ9574 Affected: PMP8074 Affected: QAM8295P Affected: QCA1062 Affected: QCA1064 Affected: QCA2062 Affected: QCA2064 Affected: QCA2065 Affected: QCA2066 Affected: QCA4024 Affected: QCA6310 Affected: QCA6320 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6428 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6438 Affected: QCA6554A Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA7500 Affected: QCA8072 Affected: QCA8075 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8337 Affected: QCA8386 Affected: QCA9880 Affected: QCA9886 Affected: QCA9888 Affected: QCA9889 Affected: QCA9898 Affected: QCA9980 Affected: QCA9984 Affected: QCA9985 Affected: QCA9986 Affected: QCA9990 Affected: QCA9992 Affected: QCA9994 Affected: QCM4490 Affected: QCM6490 Affected: QCN5021 Affected: QCN5022 Affected: QCN5024 Affected: QCN5052 Affected: QCN5054 Affected: QCN5064 Affected: QCN5122 Affected: QCN5124 Affected: QCN5152 Affected: QCN5154 Affected: QCN5164 Affected: QCN5550 Affected: QCN6023 Affected: QCN6024 Affected: QCN6100 Affected: QCN6102 Affected: QCN6112 Affected: QCN6122 Affected: QCN6132 Affected: QCN9000 Affected: QCN9001 Affected: QCN9002 Affected: QCN9003 Affected: QCN9011 Affected: QCN9012 Affected: QCN9022 Affected: QCN9024 Affected: QCN9070 Affected: QCN9072 Affected: QCN9074 Affected: QCN9100 Affected: QCN9274 Affected: QCS4490 Affected: QCS6490 Affected: QCS8250 Affected: QRB5165M Affected: QRB5165N Affected: QSM8250 Affected: QSM8350 Affected: Qualcomm Robotics RB5 Platform Affected: SA4150P Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SC8180X+SDX55 Affected: SD 455 Affected: SD 8 Gen1 5G Affected: SD660 Affected: SD835 Affected: SD865 5G Affected: SD888 Affected: SDX55 Affected: SM4450 Affected: SM7250P Affected: SM7315 Affected: SM7325P Affected: Snapdragon 4 Gen 1 Mobile Platform Affected: Snapdragon 480 5G Mobile Platform Affected: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Affected: Snapdragon 630 Mobile Platform Affected: Snapdragon 636 Mobile Platform Affected: Snapdragon 660 Mobile Platform Affected: Snapdragon 690 5G Mobile Platform Affected: Snapdragon 695 5G Mobile Platform Affected: Snapdragon 750G 5G Mobile Platform Affected: Snapdragon 765 5G Mobile Platform (SM7250-AA) Affected: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Affected: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Affected: Snapdragon 778G 5G Mobile Platform Affected: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Affected: Snapdragon 780G 5G Mobile Platform Affected: Snapdragon 782G Mobile Platform (SM7325-AF) Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8+ Gen 1 Mobile Platform Affected: Snapdragon 835 Mobile PC Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Affected: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Affected: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Affected: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Auto 5G Modem-RF Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: Snapdragon Auto 4G Modem Affected: SSG2115P Affected: SSG2125P Affected: SW5100 Affected: SW5100P Affected: SXR1230P Affected: SXR2130 Affected: SXR2230P Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN6740 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28549",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T21:52:52.275182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T21:02:20.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Connectivity",
            "Snapdragon Consumer Electronics Connectivity",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables",
            "Snapdragon Wired Infrastructure and Networking"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "315 5G IoT Modem"
            },
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "AR9380"
            },
            {
              "status": "affected",
              "version": "CSR8811"
            },
            {
              "status": "affected",
              "version": "CSRB31024"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "Flight RB5 5G Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 214 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 216 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 316 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 318 Platform"
            },
            {
              "status": "affected",
              "version": "IPQ4018"
            },
            {
              "status": "affected",
              "version": "IPQ4019"
            },
            {
              "status": "affected",
              "version": "IPQ4028"
            },
            {
              "status": "affected",
              "version": "IPQ4029"
            },
            {
              "status": "affected",
              "version": "IPQ5010"
            },
            {
              "status": "affected",
              "version": "IPQ5028"
            },
            {
              "status": "affected",
              "version": "IPQ6000"
            },
            {
              "status": "affected",
              "version": "IPQ6010"
            },
            {
              "status": "affected",
              "version": "IPQ6018"
            },
            {
              "status": "affected",
              "version": "IPQ6028"
            },
            {
              "status": "affected",
              "version": "IPQ8064"
            },
            {
              "status": "affected",
              "version": "IPQ8065"
            },
            {
              "status": "affected",
              "version": "IPQ8068"
            },
            {
              "status": "affected",
              "version": "IPQ8070"
            },
            {
              "status": "affected",
              "version": "IPQ8070A"
            },
            {
              "status": "affected",
              "version": "IPQ8071"
            },
            {
              "status": "affected",
              "version": "IPQ8071A"
            },
            {
              "status": "affected",
              "version": "IPQ8072"
            },
            {
              "status": "affected",
              "version": "IPQ8072A"
            },
            {
              "status": "affected",
              "version": "IPQ8074"
            },
            {
              "status": "affected",
              "version": "IPQ8074A"
            },
            {
              "status": "affected",
              "version": "IPQ8076"
            },
            {
              "status": "affected",
              "version": "IPQ8076A"
            },
            {
              "status": "affected",
              "version": "IPQ8078"
            },
            {
              "status": "affected",
              "version": "IPQ8078A"
            },
            {
              "status": "affected",
              "version": "IPQ8173"
            },
            {
              "status": "affected",
              "version": "IPQ8174"
            },
            {
              "status": "affected",
              "version": "IPQ9008"
            },
            {
              "status": "affected",
              "version": "IPQ9574"
            },
            {
              "status": "affected",
              "version": "PMP8074"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA1062"
            },
            {
              "status": "affected",
              "version": "QCA1064"
            },
            {
              "status": "affected",
              "version": "QCA2062"
            },
            {
              "status": "affected",
              "version": "QCA2064"
            },
            {
              "status": "affected",
              "version": "QCA2065"
            },
            {
              "status": "affected",
              "version": "QCA2066"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCA6310"
            },
            {
              "status": "affected",
              "version": "QCA6320"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6421"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6428"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6431"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6438"
            },
            {
              "status": "affected",
              "version": "QCA6554A"
            },
            {
              "status": "affected",
              "version": "QCA6564A"
            },
            {
              "status": "affected",
              "version": "QCA6564AU"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA7500"
            },
            {
              "status": "affected",
              "version": "QCA8072"
            },
            {
              "status": "affected",
              "version": "QCA8075"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8082"
            },
            {
              "status": "affected",
              "version": "QCA8084"
            },
            {
              "status": "affected",
              "version": "QCA8085"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCA8386"
            },
            {
              "status": "affected",
              "version": "QCA9880"
            },
            {
              "status": "affected",
              "version": "QCA9886"
            },
            {
              "status": "affected",
              "version": "QCA9888"
            },
            {
              "status": "affected",
              "version": "QCA9889"
            },
            {
              "status": "affected",
              "version": "QCA9898"
            },
            {
              "status": "affected",
              "version": "QCA9980"
            },
            {
              "status": "affected",
              "version": "QCA9984"
            },
            {
              "status": "affected",
              "version": "QCA9985"
            },
            {
              "status": "affected",
              "version": "QCA9986"
            },
            {
              "status": "affected",
              "version": "QCA9990"
            },
            {
              "status": "affected",
              "version": "QCA9992"
            },
            {
              "status": "affected",
              "version": "QCA9994"
            },
            {
              "status": "affected",
              "version": "QCM4490"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCN5021"
            },
            {
              "status": "affected",
              "version": "QCN5022"
            },
            {
              "status": "affected",
              "version": "QCN5024"
            },
            {
              "status": "affected",
              "version": "QCN5052"
            },
            {
              "status": "affected",
              "version": "QCN5054"
            },
            {
              "status": "affected",
              "version": "QCN5064"
            },
            {
              "status": "affected",
              "version": "QCN5122"
            },
            {
              "status": "affected",
              "version": "QCN5124"
            },
            {
              "status": "affected",
              "version": "QCN5152"
            },
            {
              "status": "affected",
              "version": "QCN5154"
            },
            {
              "status": "affected",
              "version": "QCN5164"
            },
            {
              "status": "affected",
              "version": "QCN5550"
            },
            {
              "status": "affected",
              "version": "QCN6023"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN6100"
            },
            {
              "status": "affected",
              "version": "QCN6102"
            },
            {
              "status": "affected",
              "version": "QCN6112"
            },
            {
              "status": "affected",
              "version": "QCN6122"
            },
            {
              "status": "affected",
              "version": "QCN6132"
            },
            {
              "status": "affected",
              "version": "QCN9000"
            },
            {
              "status": "affected",
              "version": "QCN9001"
            },
            {
              "status": "affected",
              "version": "QCN9002"
            },
            {
              "status": "affected",
              "version": "QCN9003"
            },
            {
              "status": "affected",
              "version": "QCN9011"
            },
            {
              "status": "affected",
              "version": "QCN9012"
            },
            {
              "status": "affected",
              "version": "QCN9022"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "QCN9070"
            },
            {
              "status": "affected",
              "version": "QCN9072"
            },
            {
              "status": "affected",
              "version": "QCN9074"
            },
            {
              "status": "affected",
              "version": "QCN9100"
            },
            {
              "status": "affected",
              "version": "QCN9274"
            },
            {
              "status": "affected",
              "version": "QCS4490"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QCS8250"
            },
            {
              "status": "affected",
              "version": "QRB5165M"
            },
            {
              "status": "affected",
              "version": "QRB5165N"
            },
            {
              "status": "affected",
              "version": "QSM8250"
            },
            {
              "status": "affected",
              "version": "QSM8350"
            },
            {
              "status": "affected",
              "version": "Qualcomm Robotics RB5 Platform"
            },
            {
              "status": "affected",
              "version": "SA4150P"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SC8180X+SDX55"
            },
            {
              "status": "affected",
              "version": "SD 455"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD660"
            },
            {
              "status": "affected",
              "version": "SD835"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SD888"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "SM4450"
            },
            {
              "status": "affected",
              "version": "SM7250P"
            },
            {
              "status": "affected",
              "version": "SM7315"
            },
            {
              "status": "affected",
              "version": "SM7325P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 4 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 480 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 630 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 636 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 660 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 690 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 695 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 750G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 780G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 782G Mobile Platform (SM7325-AF)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7c+ Gen 3 Compute"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 835 Mobile PC Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X65 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2+ Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 4G Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9360"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3990"
            },
            {
              "status": "affected",
              "version": "WCN6740"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:22:17.450Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28549",
    "datePublished": "2023-09-05T06:24:11.272Z",
    "dateReserved": "2023-03-17T11:41:45.846Z",
    "dateUpdated": "2025-02-27T21:02:20.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28573 (GCVE-0-2023-28573)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:24 – Updated: 2024-08-02 13:43

Title

Improper Validation of Array Index in WLAN HAL

Summary

Memory corruption in WLAN HAL while parsing WMI command parameters.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-129 - Improper Validation of Array Index

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: 315 5G IoT Modem Affected: AQT1000 Affected: AR8035 Affected: AR9380 Affected: CSR8811 Affected: CSRB31024 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Flight RB5 5G Platform Affected: Immersive Home 214 Platform Affected: Immersive Home 216 Platform Affected: Immersive Home 316 Platform Affected: Immersive Home 318 Platform Affected: IPQ5010 Affected: IPQ5028 Affected: IPQ6000 Affected: IPQ6010 Affected: IPQ6018 Affected: IPQ6028 Affected: IPQ8064 Affected: IPQ8065 Affected: IPQ8068 Affected: IPQ8070 Affected: IPQ8070A Affected: IPQ8071 Affected: IPQ8071A Affected: IPQ8072 Affected: IPQ8072A Affected: IPQ8074 Affected: IPQ8074A Affected: IPQ8076 Affected: IPQ8076A Affected: IPQ8078 Affected: IPQ8078A Affected: IPQ8173 Affected: IPQ8174 Affected: IPQ9008 Affected: IPQ9574 Affected: PMP8074 Affected: QAM8255P Affected: QAM8295P Affected: QCA1062 Affected: QCA1064 Affected: QCA2062 Affected: QCA2064 Affected: QCA2065 Affected: QCA2066 Affected: QCA4024 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6554A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8072 Affected: QCA8075 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8337 Affected: QCA8386 Affected: QCA9886 Affected: QCA9888 Affected: QCA9889 Affected: QCA9980 Affected: QCA9984 Affected: QCA9985 Affected: QCA9986 Affected: QCA9990 Affected: QCA9992 Affected: QCA9994 Affected: QCM4490 Affected: QCM6490 Affected: QCN5021 Affected: QCN5022 Affected: QCN5024 Affected: QCN5052 Affected: QCN5054 Affected: QCN5122 Affected: QCN5124 Affected: QCN5152 Affected: QCN5154 Affected: QCN5164 Affected: QCN6023 Affected: QCN6024 Affected: QCN6100 Affected: QCN6102 Affected: QCN6112 Affected: QCN6122 Affected: QCN6132 Affected: QCN9000 Affected: QCN9001 Affected: QCN9002 Affected: QCN9003 Affected: QCN9011 Affected: QCN9012 Affected: QCN9022 Affected: QCN9024 Affected: QCN9070 Affected: QCN9072 Affected: QCN9074 Affected: QCN9100 Affected: QCN9274 Affected: QCS4490 Affected: QCS6490 Affected: QCS8250 Affected: QCS8550 Affected: QRB5165M Affected: QRB5165N Affected: QSM8250 Affected: QSM8350 Affected: Robotics RB5 Platform Affected: SA4150P Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SC8180X+SDX55 Affected: SD 8 Gen1 5G Affected: SD865 5G Affected: SD888 Affected: SDX55 Affected: SM7315 Affected: SM7325P Affected: Snapdragon 778G 5G Mobile Platform Affected: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Affected: Snapdragon 780G 5G Mobile Platform Affected: Snapdragon 782G Mobile Platform (SM7325-AF) Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8+ Gen 1 Mobile Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Affected: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Affected: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Affected: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon Auto 5G Modem-RF Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: Snapdragon Auto 4G Modem Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2130 Affected: SXR2230P Affected: WCD9340 Affected: WCD9341 Affected: WCD9360 Affected: WCD9370 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3980 Affected: WCN6740 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.725Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Connectivity",
            "Snapdragon Consumer Electronics Connectivity",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wired Infrastructure and Networking"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "315 5G IoT Modem"
            },
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "AR9380"
            },
            {
              "status": "affected",
              "version": "CSR8811"
            },
            {
              "status": "affected",
              "version": "CSRB31024"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "Flight RB5 5G Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 214 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 216 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 316 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 318 Platform"
            },
            {
              "status": "affected",
              "version": "IPQ5010"
            },
            {
              "status": "affected",
              "version": "IPQ5028"
            },
            {
              "status": "affected",
              "version": "IPQ6000"
            },
            {
              "status": "affected",
              "version": "IPQ6010"
            },
            {
              "status": "affected",
              "version": "IPQ6018"
            },
            {
              "status": "affected",
              "version": "IPQ6028"
            },
            {
              "status": "affected",
              "version": "IPQ8064"
            },
            {
              "status": "affected",
              "version": "IPQ8065"
            },
            {
              "status": "affected",
              "version": "IPQ8068"
            },
            {
              "status": "affected",
              "version": "IPQ8070"
            },
            {
              "status": "affected",
              "version": "IPQ8070A"
            },
            {
              "status": "affected",
              "version": "IPQ8071"
            },
            {
              "status": "affected",
              "version": "IPQ8071A"
            },
            {
              "status": "affected",
              "version": "IPQ8072"
            },
            {
              "status": "affected",
              "version": "IPQ8072A"
            },
            {
              "status": "affected",
              "version": "IPQ8074"
            },
            {
              "status": "affected",
              "version": "IPQ8074A"
            },
            {
              "status": "affected",
              "version": "IPQ8076"
            },
            {
              "status": "affected",
              "version": "IPQ8076A"
            },
            {
              "status": "affected",
              "version": "IPQ8078"
            },
            {
              "status": "affected",
              "version": "IPQ8078A"
            },
            {
              "status": "affected",
              "version": "IPQ8173"
            },
            {
              "status": "affected",
              "version": "IPQ8174"
            },
            {
              "status": "affected",
              "version": "IPQ9008"
            },
            {
              "status": "affected",
              "version": "IPQ9574"
            },
            {
              "status": "affected",
              "version": "PMP8074"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA1062"
            },
            {
              "status": "affected",
              "version": "QCA1064"
            },
            {
              "status": "affected",
              "version": "QCA2062"
            },
            {
              "status": "affected",
              "version": "QCA2064"
            },
            {
              "status": "affected",
              "version": "QCA2065"
            },
            {
              "status": "affected",
              "version": "QCA2066"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6421"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6431"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6554A"
            },
            {
              "status": "affected",
              "version": "QCA6564AU"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8072"
            },
            {
              "status": "affected",
              "version": "QCA8075"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8082"
            },
            {
              "status": "affected",
              "version": "QCA8084"
            },
            {
              "status": "affected",
              "version": "QCA8085"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCA8386"
            },
            {
              "status": "affected",
              "version": "QCA9886"
            },
            {
              "status": "affected",
              "version": "QCA9888"
            },
            {
              "status": "affected",
              "version": "QCA9889"
            },
            {
              "status": "affected",
              "version": "QCA9980"
            },
            {
              "status": "affected",
              "version": "QCA9984"
            },
            {
              "status": "affected",
              "version": "QCA9985"
            },
            {
              "status": "affected",
              "version": "QCA9986"
            },
            {
              "status": "affected",
              "version": "QCA9990"
            },
            {
              "status": "affected",
              "version": "QCA9992"
            },
            {
              "status": "affected",
              "version": "QCA9994"
            },
            {
              "status": "affected",
              "version": "QCM4490"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCN5021"
            },
            {
              "status": "affected",
              "version": "QCN5022"
            },
            {
              "status": "affected",
              "version": "QCN5024"
            },
            {
              "status": "affected",
              "version": "QCN5052"
            },
            {
              "status": "affected",
              "version": "QCN5054"
            },
            {
              "status": "affected",
              "version": "QCN5122"
            },
            {
              "status": "affected",
              "version": "QCN5124"
            },
            {
              "status": "affected",
              "version": "QCN5152"
            },
            {
              "status": "affected",
              "version": "QCN5154"
            },
            {
              "status": "affected",
              "version": "QCN5164"
            },
            {
              "status": "affected",
              "version": "QCN6023"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN6100"
            },
            {
              "status": "affected",
              "version": "QCN6102"
            },
            {
              "status": "affected",
              "version": "QCN6112"
            },
            {
              "status": "affected",
              "version": "QCN6122"
            },
            {
              "status": "affected",
              "version": "QCN6132"
            },
            {
              "status": "affected",
              "version": "QCN9000"
            },
            {
              "status": "affected",
              "version": "QCN9001"
            },
            {
              "status": "affected",
              "version": "QCN9002"
            },
            {
              "status": "affected",
              "version": "QCN9003"
            },
            {
              "status": "affected",
              "version": "QCN9011"
            },
            {
              "status": "affected",
              "version": "QCN9012"
            },
            {
              "status": "affected",
              "version": "QCN9022"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "QCN9070"
            },
            {
              "status": "affected",
              "version": "QCN9072"
            },
            {
              "status": "affected",
              "version": "QCN9074"
            },
            {
              "status": "affected",
              "version": "QCN9100"
            },
            {
              "status": "affected",
              "version": "QCN9274"
            },
            {
              "status": "affected",
              "version": "QCS4490"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QCS8250"
            },
            {
              "status": "affected",
              "version": "QCS8550"
            },
            {
              "status": "affected",
              "version": "QRB5165M"
            },
            {
              "status": "affected",
              "version": "QRB5165N"
            },
            {
              "status": "affected",
              "version": "QSM8250"
            },
            {
              "status": "affected",
              "version": "QSM8350"
            },
            {
              "status": "affected",
              "version": "Robotics RB5 Platform"
            },
            {
              "status": "affected",
              "version": "SA4150P"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SC8180X+SDX55"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SD888"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "SM7315"
            },
            {
              "status": "affected",
              "version": "SM7325P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 780G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 782G Mobile Platform (SM7325-AF)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7c+ Gen 3 Compute"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X65 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2+ Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 4G Modem"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9360"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN6740"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption in WLAN HAL while parsing WMI command parameters."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-129",
              "description": "CWE-129 Improper Validation of Array Index",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:22:52.225Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Improper Validation of Array Index in WLAN HAL"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28573",
    "datePublished": "2023-09-05T06:24:25.110Z",
    "dateReserved": "2023-03-17T11:41:45.850Z",
    "dateUpdated": "2024-08-02T13:43:22.725Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28581 (GCVE-0-2023-28581)

Vulnerability from cvelistv5 – Published: 2023-09-05 06:24 – Updated: 2025-02-27 21:01

Title

Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Firmware

Summary

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA6391 Affected: QCA6426 Affected: QCA6436 Affected: SD 8 Gen1 5G Affected: SD865 5G Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon XR2 5G Platform Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9380 Affected: WCD9385 Affected: WCN6740 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T21:50:57.408296Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T21:01:19.073Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Compute",
            "Snapdragon Connectivity",
            "Snapdragon Consumer Electronics Connectivity",
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN6740"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:22:55.750Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin"
        }
      ],
      "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Firmware"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28581",
    "datePublished": "2023-09-05T06:24:26.366Z",
    "dateReserved": "2023-03-17T11:41:45.852Z",
    "dateUpdated": "2025-02-27T21:01:19.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2023-2539

CVE-2023-21244 (GCVE-0-2023-21244)

CVE-2023-21252 (GCVE-0-2023-21252)

CVE-2023-21253 (GCVE-0-2023-21253)

CVE-2023-21266 (GCVE-0-2023-21266)

CVE-2023-21291 (GCVE-0-2023-21291)

CVE-2023-21646 (GCVE-0-2023-21646)

CVE-2023-21653 (GCVE-0-2023-21653)

CVE-2023-28549 (GCVE-0-2023-28549)

CVE-2023-28573 (GCVE-0-2023-28573)

CVE-2023-28581 (GCVE-0-2023-28581)

Tags

Sightings

Nomenclature