Qca9898 Firmware
CVE-2023-21628
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
AnalysisAI
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. Affected products include: Qualcomm Apq8017 Firmware, Qualcomm Apq8064Au Firmware, Qualcomm Apq8076 Firmware, Qualcomm Apq8092 Firmware, Qualcomm Apq8094 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Qca9898 Firmware
View allMemory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8)
Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerabi
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical seve
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snap
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Com
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdrago
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Co
Memory corruption while deinitializing a HDCP session. [CVSS 7.8 HIGH]
Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vuln
Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerabil
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CV
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today