CVE-2023-28582 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
qualcomm	ar8035_firmware	-
qualcomm	fastconnect_6700_firmware	-
qualcomm	fastconnect_6900_firmware	-
qualcomm	fastconnect_7800_firmware	-
qualcomm	qca6584au_firmware	-
qualcomm	qca6698aq_firmware	-
qualcomm	qca8081_firmware	-
qualcomm	qca8337_firmware	-
qualcomm	qcc710_firmware	-
qualcomm	qcm4490_firmware	-
qualcomm	qcm8550_firmware	-
qualcomm	qcn6024_firmware	-
qualcomm	qcn6224_firmware	-
qualcomm	qcn6274_firmware	-
qualcomm	qcn9024_firmware	-
qualcomm	qcs4490_firmware	-
qualcomm	qfw7114_firmware	-
qualcomm	qfw7124_firmware	-
qualcomm	sm8550p_firmware	-
qualcomm	snapdragon_4_gen_2_mobile_firmware	-
qualcomm	snapdragon_8_gen_2_mobile_firmware	-
qualcomm	snapdragon_8_gen_3_mobile_firmware	-
qualcomm	snapdragon_8\+_gen_2_mobile_firmware	-
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	-
qualcomm	snapdragon_x65_5g_modem-rf_firmware	-
qualcomm	snapdragon_x70_modem-rf_firmware	-
qualcomm	snapdragon_x75_5g_modem-rf_firmware	-
qualcomm	wcd9340_firmware	-
qualcomm	wcd9370_firmware	-
qualcomm	wcd9380_firmware	-
qualcomm	wcd9385_firmware	-
qualcomm	wcd9390_firmware	-
qualcomm	wcd9395_firmware	-
qualcomm	wcn3950_firmware	-
qualcomm	wcn3988_firmware	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8815_firmware	-
qualcomm	wsa8830_firmware	-
qualcomm	wsa8832_firmware	-
qualcomm	wsa8835_firmware	-
qualcomm	wsa8840_firmware	-
qualcomm	wsa8845_firmware	-
qualcomm	wsa8845h_firmware	-

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
qualcomm	ar8035_firmware	𝑥 ≤ *	ADP
qualcomm	fastconnect_6700_firmware	𝑥 ≤ *	ADP
qualcomm	fastconnect_6900_firmware	𝑥 ≤ *	ADP
qualcomm	fastconnect_7800_firmware	𝑥 ≤ *	ADP
qualcomm	qca6584au_firmware	𝑥 ≤ *	ADP
qualcomm	qca6698aq_firmware	𝑥 ≤ *	ADP
qualcomm	qca8081_firmware	𝑥 ≤ *	ADP
qualcomm	qca8337_firmware	𝑥 ≤ *	ADP
qualcomm	qcc710_firmware	𝑥 ≤ *	ADP
qualcomm	qcm4490_firmware	𝑥 ≤ *	ADP
qualcomm	qcm8550_firmware	𝑥 ≤ *	ADP
qualcomm	qcn6024_firmware	𝑥 ≤ *	ADP
qualcomm	qcn6224_firmware	𝑥 ≤ *	ADP
qualcomm	qcn6274_firmware	𝑥 ≤ *	ADP
qualcomm	qcn9024_firmware	𝑥 ≤ *	ADP
qualcomm	qcs4490_firmware	𝑥 ≤ *	ADP
qualcomm	qfw7114_firmware	𝑥 ≤ *	ADP
qualcomm	qfw7124_firmware	𝑥 ≤ *	ADP
qualcomm	sm8550p_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_4_gen_2_mobile_platform_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_8_gen_2_mobile_platform_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_8_gen_3_mobile_platform_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_x65_5g_modem-rf_system_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_x70_modem-rf_system_firmware	𝑥 ≤ *	ADP
qualcomm	snapdragon_x75_5g_modem-rf_system_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9340_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9370_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9380_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9385_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9390_firmware	𝑥 ≤ *	ADP
qualcomm	wcd9395_firmware	𝑥 ≤ *	ADP
qualcomm	wcn3950_firmware	𝑥 ≤ *	ADP
qualcomm	wcn3988_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8810_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8815_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8830_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8832_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8835_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8840_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8845_firmware	𝑥 ≤ *	ADP
qualcomm	wsa8845h_firmware	𝑥 ≤ *	ADP

Common Weakness Enumeration

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin