315 5g Iot Firmware
CVE-2023-22387
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
AnalysisAI
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-823. Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Affected products include: Qualcomm 315 5G Iot Firmware, Qualcomm Apq8017 Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8031 Firmware, Qualcomm Ar8035 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in 315 5g Iot Firmware
View allMemory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), th
Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability i
Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulner
Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability
Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), th
Transient DOS may occur while processing malformed length field in SSID IEs.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.
While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated med
Same weakness CWE-823 – Use of Out-of-range Pointer Offset
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today