Skip to main content

9205 Lte Modem Firmware CVE-2023-33032

CRITICAL
Integer Overflow or Wraparound (CWE-190)
2024-01-02 product-security@qualcomm.com
Integer Overflow Buffer Overflow 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware C V2x 9150 Firmware Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware Csrb31024 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware Fsm10056 Firmware Ipq6000 Firmware Ipq6005 Firmware Ipq6010 Firmware Ipq6018 Firmware Ipq6028 Firmware Ipq9008 Firmware Ipq9574 Firmware Qca4004 Firmware Qca4024 Firmware Qca6174a Firmware Qca6391 Firmware Qca6420 Firmware Qca6430 Firmware Qca6564 Firmware Qca6564a Firmware Qca6564au Firmware Qca6574 Firmware Qca6574a Firmware Qca6574au Firmware Qca6595 Firmware Qca6595au Firmware Qca6696 Firmware Qca8072 Firmware Qca8075 Firmware Qca8081 Firmware Qca8082 Firmware Qca8084 Firmware Qca8085 Firmware Qca8386 Firmware Qca9377 Firmware Qcm6125 Firmware Qcn5021 Firmware Qcn5022 Firmware Qcn5052 Firmware Qcn5121 Firmware Qcn5122 Firmware Qcn5152 Firmware Qcn6023 Firmware Qcn6024 Firmware Qcn9000 Firmware Qcn9022 Firmware Qcn9024 Firmware Qcn9070 Firmware Qcn9072 Firmware Qcn9074 Firmware Qcn9274 Firmware Qcs410 Firmware Qcs610 Firmware Qcs6125 Firmware Qcs8155 Firmware Qts110 Firmware Sa4150p Firmware Sa4155p Firmware Sa6145p Firmware Sa6150p Firmware Sa6155 Firmware Sa6155p Firmware Sa8145p Firmware Sa8150p Firmware Sa8155 Firmware Sa8155p Firmware Sa8195p Firmware Sc8180X Sdx55 Firmware Sd 675 Firmware Sd675 Firmware Sd730 Firmware Sd855 Firmware Sdx55 Firmware Sm6250 Firmware Sm6250p Firmware Smart Audio 400 Platform Firmware Snapdragon 665 Mobile Platform Firmware Snapdragon 675 Mobile Platform Firmware Snapdragon 678 Mobile Platform Firmware Snapdragon 720g Mobile Platform Firmware Snapdragon 730 Mobile Platform Firmware Snapdragon 730G Mobile Platform Firmware Snapdragon 732G Mobile Platform Firmware Snapdragon 7c Compute Platform Firmware Snapdragon 7c Gen 2 Compute Platform Firmware Snapdragon 855 Mobile Platform Firmware Snapdragon 855 860 Mobile Platform Firmware Snapdragon 8c Compute Platform Firmware Snapdragon 8cx Compute Platform Firmware Snapdragon 8cx Gen 2 5g Compute Platform Firmware Snapdragon Auto 5g Modem Rf Firmware Snapdragon Wear 1300 Platform Firmware Snapdragon X24 Lte Modem Firmware Snapdragon X50 5g Modem Rf System Firmware Snapdragon X55 5g Modem Rf System Firmware Snapdragon Auto 4g Modem Firmware Wcd9306 Firmware Wcd9335 Firmware Wcd9340 Firmware Wcd9341 Firmware Wcd9370 Firmware Wcd9371 Firmware Wcd9375 Firmware Wcd9380 Firmware Wcn3950 Firmware Wcn3980 Firmware Wcn3988 Firmware Wcn3990 Firmware Wcn3999 Firmware Wsa8810 Firmware Wsa8815 Firmware
9.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 19:33 vuln.today
CVE Published
Jan 02, 2024 - 06:15 nvd
CRITICAL 9.3

DescriptionCVE.org

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

AnalysisAI

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Affected products include: Qualcomm 9205 Lte Modem Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8031 Firmware, Qualcomm C-V2X 9150 Firmware, Qualcomm Csr8811 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

CVE-2023-22388 CRITICAL
9.8 Nov 07

Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v

CVE-2023-22385 CRITICAL
9.8 Oct 03

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner

CVE-2023-33030 CRITICAL
9.3 Jan 02

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no

CVE-2023-28585 HIGH
8.8 Dec 05

Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low

CVE-2023-33033 HIGH
8.4 Jan 02

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability i

CVE-2024-23359 HIGH
8.2 Sep 02

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated

CVE-2024-33056 HIGH
7.8 Dec 02

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.

CVE-2024-21469 HIGH
7.8 Jul 01

Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Rated high severity (CV

CVE-2024-21465 HIGH
7.8 Jul 01

Memory corruption while processing key blob passed by the user. Rated high severity (CVSS 7.8), this vulnerability is lo

CVE-2024-21461 HIGH
7.8 Jul 01

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7

CVE-2023-33018 HIGH
7.8 Dec 05

Memory corruption while using the UIM diag command to get the operators name. Rated high severity (CVSS 7.8), this vulne

CVE-2023-33017 HIGH
7.8 Dec 05

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Rated high severity (CVSS 7.8), this v

Share

CVE-2023-33032 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy