CVE-2023-21669

Summary

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6800affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFlight RB5 5G Platformaffected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6421affected
Qualcomm, Inc.SnapdragonQCA6426affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCA6431affected
Qualcomm, Inc.SnapdragonQCA6436affected
Qualcomm, Inc.SnapdragonQCM2290affected
Qualcomm, Inc.SnapdragonQCM4290affected
Qualcomm, Inc.SnapdragonQCN9074affected
Qualcomm, Inc.SnapdragonQCS2290affected
Qualcomm, Inc.SnapdragonQCS4290affected
Qualcomm, Inc.SnapdragonQCS8250affected
Qualcomm, Inc.SnapdragonQRB5165Maffected
Qualcomm, Inc.SnapdragonQRB5165Naffected
Qualcomm, Inc.SnapdragonRobotics RB5 Platformaffected
Qualcomm, Inc.SnapdragonSD660affected
Qualcomm, Inc.SnapdragonSD730affected
Qualcomm, Inc.SnapdragonSD855affected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSDM429Waffected
Qualcomm, Inc.SnapdragonSDX55affected
Qualcomm, Inc.SnapdragonSM6250affected
Qualcomm, Inc.SnapdragonSnapdragon 429 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 660 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 675 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 678 Mobile Platform (SM6150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 720G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 730 Mobile Platform (SM7150-AA)affected
Qualcomm, Inc.SnapdragonSnapdragon 730G Mobile Platform (SM7150-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 732G Mobile Platform (SM7150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 855 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855+/860 Mobile Platform (SM8150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 865 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 865+ 5G Mobile Platform (SM8250-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 870 5G Mobile Platform (SM8250-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon X50 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X55 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon XR2 5G Platformaffected
Qualcomm, Inc.SnapdragonSXR2130affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3620affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3910affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN3990affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References