Lucene search

QualcommCVE-2023-21625

HistoryAug 08, 2023 - 10:15 a.m.

CVE-2023-21625

2023-08-0810:15:13

CWE-126

CWE-125

qualcomm

web.nvd.nist.gov

cve-2023-21625

information disclosure

network services

buffer over-read

dns response

nvd

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

45.8%

JSON

Information disclosure in Network Services due to buffer over-read while the device receives DNS response.

Affected configurations

Nvd

Node

qualcommapq8009_firmwareMatch-

AND

qualcommapq8009Match-

Node

qualcommapq8017_firmwareMatch-

AND

qualcommapq8017Match-

Node

qualcommapq8037_firmwareMatch-

AND

qualcommapq8037Match-

Node

qualcommar8031_firmwareMatch-

AND

qualcommar8031Match-

Node

qualcommcsra6620_firmwareMatch-

AND

qualcommcsra6620Match-

Node

qualcommcsra6640_firmwareMatch-

AND

qualcommcsra6640Match-

Node

qualcommmdm9205_firmwareMatch-

AND

qualcommmdm9205Match-

Node

qualcommmdm9250_firmwareMatch-

AND

qualcommmdm9250Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmsm8108_firmwareMatch-

AND

qualcommmsm8108Match-

Node

qualcommmsm8208_firmwareMatch-

AND

qualcommmsm8208Match-

Node

qualcommmsm8209_firmwareMatch-

AND

qualcommmsm8209Match-

Node

qualcommmsm8608_firmwareMatch-

AND

qualcommmsm8608Match-

Node

qualcommmsm8917_firmwareMatch-

AND

qualcommmsm8917Match-

Node

qualcommmsm8937_firmwareMatch-

AND

qualcommmsm8937Match-

Node

qualcommqca4004_firmwareMatch-

AND

qualcommqca4004Match-

Node

qualcommqca4010_firmwareMatch-

AND

qualcommqca4010Match-

Node

qualcommqca4020_firmwareMatch-

AND

qualcommqca4020Match-

Node

qualcommqca4024_firmwareMatch-

AND

qualcommqca4024Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6564a_firmwareMatch-

AND

qualcommqca6564aMatch-

Node

qualcommqca6564au_firmwareMatch-

AND

qualcommqca6564auMatch-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqcs405_firmwareMatch-

AND

qualcommqcs405Match-

Node

qualcommqts110_firmwareMatch-

AND

qualcommqts110Match-

Node

qualcommsd205_firmwareMatch-

AND

qualcommsd205Match-

Node

qualcommsd210_firmwareMatch-

AND

qualcommsd210Match-

Node

qualcommsd429_firmwareMatch-

AND

qualcommsd429Match-

Node

qualcommsd439_firmwareMatch-

AND

qualcommsd439Match-

Node

qualcommsd835_firmwareMatch-

AND

qualcommsd835Match-

Node

qualcommwcd9306_firmwareMatch-

AND

qualcommwcd9306Match-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9335_firmwareMatch-

AND

qualcommwcd9335Match-

Node

qualcommwcd9340_firmwareMatch-

AND

qualcommwcd9340Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3990_firmwareMatch-

AND

qualcommwcn3990Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn3999_firmwareMatch-

AND

qualcommwcn3999Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

VendorProductVersionCPE
qualcommapq8009_firmware-cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
qualcommapq8009-cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
qualcommapq8017_firmware-cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
qualcommapq8017-cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
qualcommapq8037_firmware-cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*
qualcommapq8037-cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*
qualcommar8031_firmware-cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
qualcommar8031-cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
qualcommcsra6620_firmware-cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
qualcommcsra6620-cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8009_firmware	-	cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::*
qualcomm	apq8009	-	cpe:2.3:h:qualcomm:apq8009:-:::::::*
qualcomm	apq8017_firmware	-	cpe:2.3:o:qualcomm:apq8017_firmware:-:::::::*
qualcomm	apq8017	-	cpe:2.3:h:qualcomm:apq8017:-:::::::*
qualcomm	apq8037_firmware	-	cpe:2.3:o:qualcomm:apq8037_firmware:-:::::::*
qualcomm	apq8037	-	cpe:2.3:h:qualcomm:apq8037:-:::::::*
qualcomm	ar8031_firmware	-	cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::*
qualcomm	ar8031	-	cpe:2.3:h:qualcomm:ar8031:-:::::::*
qualcomm	csra6620_firmware	-	cpe:2.3:o:qualcomm:csra6620_firmware:-:::::::*
qualcomm	csra6620	-	cpe:2.3:h:qualcomm:csra6620:-:::::::*

Rows per page:

1-10 of 921

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Compute",
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile",
      "Snapdragon Voice & Music",
      "Snapdragon Wearables"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009"
      },
      {
        "status": "affected",
        "version": "APQ8017"
      },
      {
        "status": "affected",
        "version": "APQ8037"
      },
      {
        "status": "affected",
        "version": "AR8031"
      },
      {
        "status": "affected",
        "version": "CSRA6620"
      },
      {
        "status": "affected",
        "version": "CSRA6640"
      },
      {
        "status": "affected",
        "version": "MDM9205"
      },
      {
        "status": "affected",
        "version": "MDM9250"
      },
      {
        "status": "affected",
        "version": "MDM9650"
      },
      {
        "status": "affected",
        "version": "MSM8108"
      },
      {
        "status": "affected",
        "version": "MSM8208"
      },
      {
        "status": "affected",
        "version": "MSM8209"
      },
      {
        "status": "affected",
        "version": "MSM8608"
      },
      {
        "status": "affected",
        "version": "MSM8917"
      },
      {
        "status": "affected",
        "version": "MSM8937"
      },
      {
        "status": "affected",
        "version": "QCA4004"
      },
      {
        "status": "affected",
        "version": "QCA4010"
      },
      {
        "status": "affected",
        "version": "QCA4020"
      },
      {
        "status": "affected",
        "version": "QCA4024"
      },
      {
        "status": "affected",
        "version": "QCA6174A"
      },
      {
        "status": "affected",
        "version": "QCA6564A"
      },
      {
        "status": "affected",
        "version": "QCA6564AU"
      },
      {
        "status": "affected",
        "version": "QCA6574A"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA9377"
      },
      {
        "status": "affected",
        "version": "QCS405"
      },
      {
        "status": "affected",
        "version": "QTS110"
      },
      {
        "status": "affected",
        "version": "SD205"
      },
      {
        "status": "affected",
        "version": "SD210"
      },
      {
        "status": "affected",
        "version": "SD429"
      },
      {
        "status": "affected",
        "version": "SD439"
      },
      {
        "status": "affected",
        "version": "SD835"
      },
      {
        "status": "affected",
        "version": "WCD9306"
      },
      {
        "status": "affected",
        "version": "WCD9326"
      },
      {
        "status": "affected",
        "version": "WCD9335"
      },
      {
        "status": "affected",
        "version": "WCD9340"
      },
      {
        "status": "affected",
        "version": "WCN3610"
      },
      {
        "status": "affected",
        "version": "WCN3615"
      },
      {
        "status": "affected",
        "version": "WCN3660B"
      },
      {
        "status": "affected",
        "version": "WCN3680B"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3990"
      },
      {
        "status": "affected",
        "version": "WCN3998"
      },
      {
        "status": "affected",
        "version": "WCN3999"
      },
      {
        "status": "affected",
        "version": "WSA8810"
      },
      {
        "status": "affected",
        "version": "WSA8815"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

45.8%

JSON

Related for CVE-2023-21625