CVE-2023-33071

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-33071
Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities.

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*
Information

Published : 2023-12-05 03:15

Updated : 2023-12-11 18:45

NVD link : CVE-2023-33071

Mitre link : CVE-2023-33071

JSON object : View

Products Affected

qualcomm

  • sa6145p_firmware
  • sa8155p
  • qca6574a
  • sa6155p
  • qca6574au_firmware
  • sa8150p
  • sa6150p_firmware
  • sa8145p_firmware
  • qca6574
  • sa8150p_firmware
  • sa8155
  • sa8155p_firmware
  • sa8195p_firmware
  • sa6155_firmware
  • sa8195p
  • qca6574_firmware
  • sa6155
  • sa8155_firmware
  • qca6574a_firmware
  • sa8145p
  • sa6150p
  • sa6145p
  • qca6574au
  • qca6595au
  • sa6155p_firmware
  • qca6595au_firmware
CWE
CWE-863

Incorrect Authorization