CVE-2023-21669
8.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Summary
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | AQT1000 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6200 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6800 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | Flight RB5 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | QCA6391 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6420 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6421 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6426 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6430 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6431 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6436 | affected |
| Qualcomm, Inc. | Snapdragon | QCM2290 | affected |
| Qualcomm, Inc. | Snapdragon | QCM4290 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9074 | affected |
| Qualcomm, Inc. | Snapdragon | QCS2290 | affected |
| Qualcomm, Inc. | Snapdragon | QCS4290 | affected |
| Qualcomm, Inc. | Snapdragon | QCS8250 | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165M | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165N | affected |
| Qualcomm, Inc. | Snapdragon | Robotics RB5 Platform | affected |
| Qualcomm, Inc. | Snapdragon | SD660 | affected |
| Qualcomm, Inc. | Snapdragon | SD730 | affected |
| Qualcomm, Inc. | Snapdragon | SD855 | affected |
| Qualcomm, Inc. | Snapdragon | SD865 5G | affected |
| Qualcomm, Inc. | Snapdragon | SDM429W | affected |
| Qualcomm, Inc. | Snapdragon | SDX55 | affected |
| Qualcomm, Inc. | Snapdragon | SM6250 | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 429 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 660 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 675 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 678 Mobile Platform (SM6150-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 720G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 730 Mobile Platform (SM7150-AA) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 730G Mobile Platform (SM7150-AB) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 732G Mobile Platform (SM7150-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 855 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 855+/860 Mobile Platform (SM8150-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 865+ 5G Mobile Platform (SM8250-AB) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 870 5G Mobile Platform (SM8250-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X50 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X55 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon XR2 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | SXR2130 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9335 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9341 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9370 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9375 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9385 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3620 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3660B | affected |
| Qualcomm, Inc. | Snapdragon | WCN3910 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3950 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3980 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3988 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3990 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8810 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8815 | affected |
Weaknesses
- CWE-126: CWE-126 Buffer Over-read
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.