CVE-2023-28581

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-28581
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_865\+_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865\+_5g:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:55

Type Values Removed Values Added
References () https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin - Vendor Advisory

08 Sep 2023, 18:32

Type Values Removed Values Added
CPE cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865\+_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_865\+_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*
CWE CWE-787
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
References (MISC) https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin - (MISC) https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin - Vendor Advisory
First Time Qualcomm ssg2125p Firmware
Qualcomm snapdragon 8 Gen 1 Firmware
Qualcomm wsa8835
Qualcomm
Qualcomm snapdragon 870 5g Firmware
Qualcomm sd865 5g Firmware
Qualcomm snapdragon 865 5g
Qualcomm wsa8832 Firmware
Qualcomm fastconnect 6800
Qualcomm ssg2115p Firmware
Qualcomm sd 8 Gen1 5g
Qualcomm fastconnect 7800
Qualcomm wsa8810 Firmware
Qualcomm snapdragon 865\+ 5g
Qualcomm snapdragon Ar2 Gen 1 Firmware
Qualcomm wsa8810
Qualcomm sxr2230p
Qualcomm ssg2115p
Qualcomm snapdragon Xr2 5g
Qualcomm snapdragon 865 5g Firmware
Qualcomm ssg2125p
Qualcomm fastconnect 7800 Firmware
Qualcomm fastconnect 6900 Firmware
Qualcomm wsa8815
Qualcomm snapdragon 870 5g
Qualcomm snapdragon 8 Gen 1
Qualcomm qca6436
Qualcomm wsa8815 Firmware
Qualcomm sxr2230p Firmware
Qualcomm qca6436 Firmware
Qualcomm wcd9380 Firmware
Qualcomm wsa8830 Firmware
Qualcomm wcd9380
Qualcomm sd865 5g
Qualcomm sd 8 Gen1 5g Firmware
Qualcomm snapdragon 865\+ 5g Firmware
Qualcomm snapdragon Xr2 5g Firmware
Qualcomm wsa8830
Qualcomm fastconnect 6800 Firmware
Qualcomm wcd9385 Firmware
Qualcomm qca6391
Qualcomm snapdragon Ar2 Gen 1
Qualcomm sxr1230p
Qualcomm sxr1230p Firmware
Qualcomm wsa8835 Firmware
Qualcomm fastconnect 6900
Qualcomm qca6426
Qualcomm wsa8832
Qualcomm qca6391 Firmware
Qualcomm wcn6740
Qualcomm qca6426 Firmware
Qualcomm wcd9385
Qualcomm wcn6740 Firmware

05 Sep 2023, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-09-05 07:15

Updated : 2024-11-21 07:55

NVD link : CVE-2023-28581

Mitre link : CVE-2023-28581

CVE.ORG link : CVE-2023-28581

JSON object : View

Products Affected

qualcomm

  • wsa8830_firmware
  • snapdragon_865_5g
  • wsa8832
  • snapdragon_xr2_5g
  • wcd9385
  • sd865_5g_firmware
  • snapdragon_xr2_5g_firmware
  • wsa8815_firmware
  • sd_8_gen1_5g_firmware
  • snapdragon_865_5g_firmware
  • sxr2230p
  • qca6436_firmware
  • snapdragon_ar2_gen_1_firmware
  • ssg2115p
  • fastconnect_7800_firmware
  • sd865_5g
  • snapdragon_ar2_gen_1
  • wsa8810_firmware
  • sxr1230p_firmware
  • sd_8_gen1_5g
  • wsa8810
  • qca6436
  • wsa8815
  • qca6426
  • sxr1230p
  • fastconnect_6900_firmware
  • snapdragon_865\+_5g
  • wsa8835_firmware
  • qca6391
  • wcd9380_firmware
  • wcd9385_firmware
  • wcn6740
  • wsa8830
  • wcd9380
  • fastconnect_6900
  • fastconnect_6800_firmware
  • wsa8832_firmware
  • snapdragon_8_gen_1_firmware
  • qca6426_firmware
  • ssg2125p
  • snapdragon_870_5g_firmware
  • sxr2230p_firmware
  • qca6391_firmware
  • wcn6740_firmware
  • snapdragon_865\+_5g_firmware
  • fastconnect_6800
  • ssg2115p_firmware
  • wsa8835
  • fastconnect_7800
  • snapdragon_870_5g
  • snapdragon_8_gen_1
  • ssg2125p_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-787

Out-of-bounds Write