Skip to main content

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 08, 2023 - 10:15 nvd
HIGH 7.8

DescriptionNVD

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

AnalysisAI

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-823. The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm C-V2X 9150 Firmware, Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-21480 HIGH
8.6 Jun 03

Qualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm

CVE-2025-21479 HIGH
8.6 Jun 03

A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co

CVE-2023-22388 CRITICAL
9.8 Nov 07

Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v

CVE-2023-22385 CRITICAL
9.8 Oct 03

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner

CVE-2023-28562 CRITICAL
9.8 Sep 05

Memory corruption while handling payloads from remote ESL. Rated critical severity (CVSS 9.8), this vulnerability is rem

CVE-2023-21631 CRITICAL
9.8 Jul 04

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received

CVE-2022-33234 CRITICAL
9.8 Nov 15

Memory corruption in video due to configuration weakness. Rated critical severity (CVSS 9.8), this vulnerability is remo

CVE-2022-25748 CRITICAL
9.8 Oct 19

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (

CVE-2022-25720 CRITICAL
9.8 Oct 19

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute

CVE-2022-25687 CRITICAL
9.8 Oct 19

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr

CVE-2022-25688 CRITICAL
9.8 Sep 16

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, S

CVE-2022-25686 CRITICAL
9.8 Sep 16

Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Comput

Share

CVE-2023-28575 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy