Lucene search

QualcommCVE-2023-43532

HistoryFeb 06, 2024 - 6:16 a.m.

CVE-2023-43532

2024-02-0606:16:02

CWE-763

CWE-822

qualcomm

web.nvd.nist.gov

cve-2023-43532

memory corruption

acpi

user mode app

nvd

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Memory corruption while reading ACPI config through the user mode app.

Affected configurations

Nvd

Node

qualcommfastconnect_6700_firmwareMatch-

AND

qualcommfastconnect_6700Match-

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommfastconnect_7800_firmwareMatch-

AND

qualcommfastconnect_7800Match-

Node

qualcommsc8380xp_firmwareMatch-

AND

qualcommsc8380xpMatch-

Node

qualcommsnapdragon_7c\+_gen_3_compute_firmwareMatch-

AND

qualcommsnapdragon_7c\+_gen_3_computeMatch-

Node

qualcommsnapdragon_8cx_gen_3_compute_platform_firmwareMatch-

AND

qualcommsnapdragon_8cx_gen_3_compute_platformMatch-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

Node

qualcommwsa8840_firmwareMatch-

AND

qualcommwsa8840Match-

Node

qualcommwsa8845_firmwareMatch-

AND

qualcommwsa8845Match-

Node

qualcommwsa8845h_firmwareMatch-

AND

qualcommwsa8845hMatch-

VendorProductVersionCPE
qualcommfastconnect_6700_firmware-cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6700-cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*
qualcommfastconnect_6900_firmware-cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6900-cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
qualcommfastconnect_7800_firmware-cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_7800-cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
qualcommsc8380xp_firmware-cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
qualcommsc8380xp-cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*
qualcommsnapdragon_7c\+_gen_3_compute_firmware-cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*
qualcommsnapdragon_7c\+_gen_3_compute-cpe:2.3:h:qualcomm:snapdragon_7c\+_gen_3_compute:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	fastconnect_6700_firmware	-	cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:::::::*
qualcomm	fastconnect_6700	-	cpe:2.3:h:qualcomm:fastconnect_6700:-:::::::*
qualcomm	fastconnect_6900_firmware	-	cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::*
qualcomm	fastconnect_6900	-	cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::*
qualcomm	fastconnect_7800_firmware	-	cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::*
qualcomm	fastconnect_7800	-	cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*
qualcomm	sc8380xp_firmware	-	cpe:2.3:o:qualcomm:sc8380xp_firmware:-:::::::*
qualcomm	sc8380xp	-	cpe:2.3:h:qualcomm:sc8380xp:-:::::::*
qualcomm	snapdragon_7c\+_gen_3_compute_firmware	-	cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:::::::*
qualcomm	snapdragon_7c\+_gen_3_compute	-	cpe:2.3:h:qualcomm:snapdragon_7c\+_gen_3_compute:-:::::::*

Rows per page:

1-10 of 261

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FastConnect 6700"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "SC8380XP"
      },
      {
        "status": "affected",
        "version": "Snapdragon 7c+ Gen 3 Compute"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      },
      {
        "status": "affected",
        "version": "WSA8840"
      },
      {
        "status": "affected",
        "version": "WSA8845"
      },
      {
        "status": "affected",
        "version": "WSA8845H"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-43532