CVE-2023-33100 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
qualcomm	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Affected Products (NVD)

Vendor	Product	Version
qualcomm	ar8035_firmware	-
qualcomm	fastconnect_6700_firmware	-
qualcomm	fastconnect_6900_firmware	-
qualcomm	fastconnect_7800_firmware	-
qualcomm	qca6174a_firmware	-
qualcomm	qca6584au_firmware	-
qualcomm	qca6698aq_firmware	-
qualcomm	qca8081_firmware	-
qualcomm	qca8337_firmware	-
qualcomm	qcc710_firmware	-
qualcomm	qcm4490_firmware	-
qualcomm	qcm8550_firmware	-
qualcomm	qcn6024_firmware	-
qualcomm	qcn6224_firmware	-
qualcomm	qcn6274_firmware	-
qualcomm	qcn9024_firmware	-
qualcomm	qcs4490_firmware	-
qualcomm	qcs8550_firmware	-
qualcomm	qep8111_firmware	-
qualcomm	qfw7114_firmware	-
qualcomm	qfw7124_firmware	-
qualcomm	sg8275p_firmware	-
qualcomm	sm8550p_firmware	-
qualcomm	snapdragon_4_gen_2_mobile_firmware	-
qualcomm	snapdragon_8_gen_1_mobile_firmware	-
qualcomm	snapdragon_8_gen_2_mobile_firmware	-
qualcomm	snapdragon_8_gen_3_mobile_firmware	-
qualcomm	snapdragon_8\+_gen_1_mobile_firmware	-
qualcomm	snapdragon_8\+_gen_2_mobile_firmware	-
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	-
qualcomm	snapdragon_x35_5g_modem-rf_firmware	-
qualcomm	snapdragon_x65_5g_modem-rf_firmware	-
qualcomm	snapdragon_x70_modem-rf_firmware	-
qualcomm	snapdragon_x75_5g_modem-rf_firmware	-
qualcomm	wcd9340_firmware	-
qualcomm	wcd9370_firmware	-
qualcomm	wcd9380_firmware	-
qualcomm	wcd9385_firmware	-
qualcomm	wcd9390_firmware	-
qualcomm	wcd9395_firmware	-
qualcomm	wcn3950_firmware	-
qualcomm	wcn3988_firmware	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8815_firmware	-
qualcomm	wsa8830_firmware	-
qualcomm	wsa8832_firmware	-
qualcomm	wsa8835_firmware	-
qualcomm	wsa8840_firmware	-
qualcomm	wsa8845_firmware	-
qualcomm	wsa8845h_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html