Qam8295p Firmware
CVE-2023-21642
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in HAB Memory management due to broad system privileges via physical address.
AnalysisAI
Memory corruption in HAB Memory management due to broad system privileges via physical address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. Memory corruption in HAB Memory management due to broad system privileges via physical address. Affected products include: Qualcomm Qam8295P Firmware, Qualcomm Qca6574Au Firmware, Qualcomm Qca6696 Firmware, Qualcomm Sa6145P Firmware, Qualcomm Sa6150P Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Qam8295p Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. Rated high severity (CVSS 8.8), this vuln
Same weakness CWE-284 – Improper Access Control
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today