8.4

CVE-2023-33071

Improper Access Control in Automotive OS Platform Android

Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommQca6574 Firmware Version-
   QualcommQca6574 Version-
QualcommQca6574a Firmware Version-
   QualcommQca6574a Version-
QualcommQca6574au Firmware Version-
   QualcommQca6574au Version-
QualcommQca6595au Firmware Version-
   QualcommQca6595au Version-
QualcommSa6145p Firmware Version-
   QualcommSa6145p Version-
QualcommSa6150p Firmware Version-
   QualcommSa6150p Version-
QualcommSa6155 Firmware Version-
   QualcommSa6155 Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSa8145p Firmware Version-
   QualcommSa8145p Version-
QualcommSa8150p Firmware Version-
   QualcommSa8150p Version-
QualcommSa8155 Firmware Version-
   QualcommSa8155 Version-
QualcommSa8155p Firmware Version-
   QualcommSa8155p Version-
QualcommSa8195p Firmware Version-
   QualcommSa8195p Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.203
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com 8.4 2.5 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.