315 5g Iot Firmware
CVE-2023-28573
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory corruption in WLAN HAL while parsing WMI command parameters.
AnalysisAI
Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-129. Memory corruption in WLAN HAL while parsing WMI command parameters. Affected products include: Qualcomm 315 5G Iot Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8035 Firmware, Qualcomm Ar9380 Firmware, Qualcomm Csr8811 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in 315 5g Iot Firmware
View allMemory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), th
Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulner
Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability
Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), th
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS
Transient DOS may occur while processing malformed length field in SSID IEs.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.
While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated med
Same weakness CWE-129 – Improper Validation of Array Index
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today