CVE-2023-28562

Summary

Memory corruption while handling payloads from remote ESL.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6800affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCN7606affected
Qualcomm, Inc.SnapdragonQCS410affected
Qualcomm, Inc.SnapdragonQCS610affected
Qualcomm, Inc.SnapdragonSC8180X+SDX55affected
Qualcomm, Inc.SnapdragonSD460affected
Qualcomm, Inc.SnapdragonSD662affected
Qualcomm, Inc.SnapdragonSD730affected
Qualcomm, Inc.SnapdragonSD855affected
Qualcomm, Inc.SnapdragonSDX55affected
Qualcomm, Inc.SnapdragonSM4125affected
Qualcomm, Inc.SnapdragonSM6250affected
Qualcomm, Inc.SnapdragonSM6250Paffected
Qualcomm, Inc.SnapdragonSM7250Paffected
Qualcomm, Inc.SnapdragonSnapdragon 460 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480+ 5G Mobile Platform (SM4350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 662 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 675 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 678 Mobile Platform (SM6150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 690 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 695 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 720G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 730 Mobile Platform (SM7150-AA)affected
Qualcomm, Inc.SnapdragonSnapdragon 730G Mobile Platform (SM7150-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 732G Mobile Platform (SM7150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 750G 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 765 5G Mobile Platform (SM7250-AA)affected
Qualcomm, Inc.SnapdragonSnapdragon 765G 5G Mobile Platform (SM7250-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 768G 5G Mobile Platform (SM7250-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 855 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855+/860 Mobile Platform (SM8150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180X-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon X50 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X55 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonVision Intelligence 400 Platformaffected
Qualcomm, Inc.SnapdragonWCD9326affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3910affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN3990affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References