Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00133.

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

Vendors Products
Qualcomm
  • Fastconnect 6800
  • Fastconnect 6800 Firmware
  • Fastconnect 6900
  • Fastconnect 6900 Firmware
  • Fastconnect 7800
  • Fastconnect 7800 Firmware
  • Qca6391
  • Qca6391 Firmware
  • Qca6426
  • Qca6426 Firmware
  • Qca6436
  • Qca6436 Firmware
  • Sd865 5g
  • Sd865 5g Firmware
  • Sd 8 Gen1 5g
  • Sd 8 Gen1 5g Firmware
  • Snapdragon 865\+ 5g
  • Snapdragon 865\+ 5g Firmware
  • Snapdragon 865 5g
  • Snapdragon 865 5g Firmware
  • Snapdragon 870 5g
  • Snapdragon 870 5g Firmware
  • Snapdragon 8 Gen 1
  • Snapdragon 8 Gen 1 Firmware
  • Snapdragon Ar2 Gen 1
  • Snapdragon Ar2 Gen 1 Firmware
  • Snapdragon Xr2 5g
  • Snapdragon Xr2 5g Firmware
  • Ssg2115p
  • Ssg2115p Firmware
  • Ssg2125p
  • Ssg2125p Firmware
  • Sxr1230p
  • Sxr1230p Firmware
  • Sxr2230p
  • Sxr2230p Firmware
  • Wcd9380
  • Wcd9380 Firmware
  • Wcd9385
  • Wcd9385 Firmware
  • Wcn6740
  • Wcn6740 Firmware
  • Wsa8810
  • Wsa8810 Firmware
  • Wsa8815
  • Wsa8815 Firmware
  • Wsa8830
  • Wsa8830 Firmware
  • Wsa8832
  • Wsa8832 Firmware
  • Wsa8835
  • Wsa8835 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_865\+_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865\+_5g:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin cve-icon cve-icon
History

Tue, 04 Mar 2025 03:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2025-02-27T21:01:19.073Z

Reserved: 2023-03-17T11:41:45.852Z

Link: CVE-2023-28581

cve-icon Vulnrichment

Updated: 2024-08-02T13:43:22.572Z

cve-icon NVD

Status : Modified

Published: 2023-09-05T07:15:14.247

Modified: 2024-11-21T07:55:35.313

Link: CVE-2023-28581

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.