Skip to main content

9206 Lte Firmware CVE-2023-33019

HIGH
Improper Authorization (CWE-285)
2023-09-05 product-security@qualcomm.com
Authentication Bypass 9206 Lte Firmware Apq8017 Firmware Apq8052 Firmware Apq8056 Firmware Apq8076 Firmware Ar8031 Firmware C V2x 9150 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware Home Hub 100 Firmware Mdm9250 Firmware Mdm9628 Firmware Mdm9650 Firmware Msm8108 Firmware Msm8209 Firmware Msm8608 Firmware Msm8909W Firmware Msm8996au Firmware Qca6174a Firmware Qca6175A Firmware Qca6554a Firmware Qca6564a Firmware Qca6564au Firmware Qca6574 Firmware Qca6574a Firmware Qca6574au Firmware Qca6584 Firmware Qca6584au Firmware Qca6595 Firmware Qca6595au Firmware Qca6696 Firmware Qca9367 Firmware Qca9377 Firmware Qca9379 Firmware 205 Firmware 215 Firmware Sd626 Firmware Sdm429w Firmware Sdx20m Firmware Smart Audio 200 Firmware Smart Audio 400 Firmware Smart Display 200 Firmware Snapdragon 1200 Firmware Snapdragon 208 Firmware Snapdragon 210 Firmware Snapdragon 212 Firmware Snapdragon 425 Firmware Snapdragon 429 Firmware Snapdragon 439 Firmware Snapdragon 450 Firmware Snapdragon 617 Firmware Snapdragon 625 Firmware Snapdragon 626 Firmware Snapdragon 632 Firmware Snapdragon 650 Firmware Snapdragon 652 Firmware Snapdragon 653 Firmware Snapdragon 820 Firmware Snapdragon Auto 5G Firmware Snapdragon Wear 2100 Firmware Snapdragon Wear 2500 Firmware Snapdragon Wear 3100 Firmware Snapdragon Wear 4100 Firmware Snapdragon X12 Lte Firmware Snapdragon X20 Lte Firmware Snapdragon X5 Lte Firmware Vision Intelligence 100 Firmware Vision Intelligence 200 Firmware Wcd9326 Firmware Wcd9330 Firmware Wcd9335 Firmware Wcn3610 Firmware Wcn3615 Firmware Wcn3620 Firmware Wcn3660 Firmware Wcn3660b Firmware Wcn3680 Firmware Wcn3680b Firmware Wcn3980 Firmware Wsa8810 Firmware Wsa8815 Firmware
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 05, 2023 - 07:15 nvd
HIGH 7.5

DescriptionNVD

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

AnalysisAI

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-285. Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. Affected products include: Qualcomm 9206 Lte Firmware, Qualcomm Apq8017 Firmware, Qualcomm Apq8052 Firmware, Qualcomm Apq8056 Firmware, Qualcomm Apq8076 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-33019 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy