Qcn7606 Firmware
CVE-2023-28561
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in QESL while processing payload from external ESL device to firmware.
AnalysisAI
Memory corruption in QESL while processing payload from external ESL device to firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Memory corruption in QESL while processing payload from external ESL device to firmware. Affected products include: Qualcomm Qcn7606 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
More in Qcn7606 Firmware
View allMemory corruption while handling payloads from remote ESL. Rated critical severity (CVSS 9.8), this vulnerability is rem
Memory corruption in video due to configuration weakness. Rated critical severity (CVSS 9.8), this vulnerability is remo
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snap
u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Sna
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low
u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.
u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before cop
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today