CVE-2023-33024

Summary

Memory corruption while sending SMS from AP firmware.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6800affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6310affected
Qualcomm, Inc.SnapdragonQCA6320affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6426affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCA6436affected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCC710affected
Qualcomm, Inc.SnapdragonQCN6224affected
Qualcomm, Inc.SnapdragonQCN6274affected
Qualcomm, Inc.SnapdragonQFW7114affected
Qualcomm, Inc.SnapdragonQFW7124affected
Qualcomm, Inc.SnapdragonSA4150Paffected
Qualcomm, Inc.SnapdragonSA4155Paffected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSD835affected
Qualcomm, Inc.SnapdragonSD855affected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSnapdragon 835 Mobile PC Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 855+/860 Mobile Platform (SM8150-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 865 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 865+ 5G Mobile Platform (SM8250-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 870 5G Mobile Platform (SM8250-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RFaffected
Qualcomm, Inc.SnapdragonSnapdragon W5+ Gen 1 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Wear 4100+ Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X55 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X75 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon XR2 5G Platformaffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonSXR2130affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCN3610affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3680Baffected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN3990affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References