CVE-2023-21671

EPSS 0.06%
Veröffentlicht 07.11.2023 06:15:08
Zuletzt bearbeitet 11.08.2025 15:06:17
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Fastconnect 6700 Firmware Version-

Qualcomm ≫ Fastconnect 6700 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qcm6490 Firmware Version-

Qualcomm ≫ Qcm6490 Version-

Qualcomm ≫ Qcs6490 Firmware Version-

Qualcomm ≫ Qcs6490 Version-

Qualcomm ≫ Qsm8350 Firmware Version-

Qualcomm ≫ Qsm8350 Version-

Qualcomm ≫ Video Collaboration Vc3 Platform Firmware Version-

Qualcomm ≫ Video Collaboration Vc3 Platform Version-

Qualcomm ≫ Sd888 Firmware Version-

Qualcomm ≫ Sd888 Version-

Qualcomm ≫ Sm7315 Firmware Version-

Qualcomm ≫ Sm7315 Version-

Qualcomm ≫ Sm7325p Firmware Version-

Qualcomm ≫ Sm7325p Version-

Qualcomm ≫ Snapdragon 778g 5g Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 778g 5g Mobile Platform Version-

Qualcomm ≫ Snapdragon 780g 5g Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 780g 5g Mobile Platform Version-

Qualcomm ≫ Snapdragon 782g Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 782g Mobile Platform Version-

Qualcomm ≫ Snapdragon 888 5g Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 888 5g Mobile Platform Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn6740 Firmware Version-

Qualcomm ≫ Wcn6740 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.161

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	9.3	2.5	6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-21671

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-21671

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-21671

EUVD