CVE-2023-33046
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | AR8035 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 7800 | affected |
| Qualcomm, Inc. | Snapdragon | Flight RB5 5G Platform | affected |
| Qualcomm, Inc. | Snapdragon | QAM8295P | affected |
| Qualcomm, Inc. | Snapdragon | QCA6391 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6696 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6698AQ | affected |
| Qualcomm, Inc. | Snapdragon | QCA8081 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8337 | affected |
| Qualcomm, Inc. | Snapdragon | QCM8550 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6024 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9011 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9012 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9024 | affected |
| Qualcomm, Inc. | Snapdragon | QCS7230 | affected |
| Qualcomm, Inc. | Snapdragon | QCS8250 | affected |
| Qualcomm, Inc. | Snapdragon | QCS8550 | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165M | affected |
| Qualcomm, Inc. | Snapdragon | QRB5165N | affected |
| Qualcomm, Inc. | Snapdragon | Qualcomm Video Collaboration VC5 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Robotics RB5 Platform | affected |
| Qualcomm, Inc. | Snapdragon | SA8295P | affected |
| Qualcomm, Inc. | Snapdragon | SA8540P | affected |
| Qualcomm, Inc. | Snapdragon | SA9000P | affected |
| Qualcomm, Inc. | Snapdragon | SG8275P | affected |
| Qualcomm, Inc. | Snapdragon | SM8550P | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8+ Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon AR2 Gen 1 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X65 5G Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X70 Modem-RF System | affected |
| Qualcomm, Inc. | Snapdragon | SSG2115P | affected |
| Qualcomm, Inc. | Snapdragon | SSG2125P | affected |
| Qualcomm, Inc. | Snapdragon | SXR1230P | affected |
| Qualcomm, Inc. | Snapdragon | SXR2230P | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9385 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9390 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9395 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8830 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8832 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8835 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8840 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8845 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8845H | affected |
Weaknesses
- CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.