CVE-2023-21627

EUVD-2023-25794
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
qualcommCNA
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Affected Products (NVD)
VendorProductVersion
qualcommaqt1000_firmware
-
qualcommqca6390_firmware
-
qualcommqca6391_firmware
-
qualcommqca6420_firmware
-
qualcommqca6426_firmware
-
qualcommqca6430_firmware
-
qualcommqca6436_firmware
-
qualcommqca6574au_firmware
-
qualcommqca6595au_firmware
-
qualcommqca6696_firmware
-
qualcommqcc5100_firmware
-
qualcommqcs8155_firmware
-
qualcommsa6145p_firmware
-
qualcommsa6150p_firmware
-
qualcommsa6155p_firmware
-
qualcommsa8145p_firmware
-
qualcommsa8150p_firmware
-
qualcommsa8155p_firmware
-
qualcommsa8195p_firmware
-
qualcommsd_8_gen1_5g_firmware
-
qualcommsd855_firmware
-
qualcommsd865_5g_firmware
-
qualcommsd870_firmware
-
qualcommsd888_5g_firmware
-
qualcommsda429w_firmware
-
qualcommsdx55m_firmware
-
qualcommsdxr2_5g_firmware
-
qualcommsw5100_firmware
-
qualcommsw5100p_firmware
-
qualcommwcd9341_firmware
-
qualcommwcd9380_firmware
-
qualcommwcd9385_firmware
-
qualcommwcn3610_firmware
-
qualcommwcn3660b_firmware
-
qualcommwcn3680b_firmware
-
qualcommwcn3980_firmware
-
qualcommwcn3988_firmware
-
qualcommwcn3998_firmware
-
qualcommwcn6850_firmware
-
qualcommwcn6851_firmware
-
qualcommwcn6855_firmware
-
qualcommwcn6856_firmware
-
qualcommwcn7850_firmware
-
qualcommwcn7851_firmware
-
qualcommwsa8810_firmware
-
qualcommwsa8815_firmware
-
qualcommwsa8830_firmware
-
qualcommwsa8835_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin