Main Vulnerability Database Vulnerabilities #VU81363

#VU81363 Improper input validation in Qualcomm products - CVE-2023-22382

Published: October 2, 2023

Vulnerability identifier: #VU81363

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-22382

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
APQ8064AU
QAM8295P
QAM8650P
QAMSRV1H
QCA6564A
QCA6564AU
QCA6574A
QCA6584AU
QCA6595
QCA6595AU
QCA6696
QCA6698AQ
SA6145P
SA6150P
SA6155
SA8145P
SA8150P
SA8155
SA8155P
SA8195P
SA8295P
SA8650P
Snapdragon 820 Automotive Platform
SRV1H
MSM8996AU
QCA6574AU
SA6155P
SA8540P
SA9000P

Software vendor:
Qualcomm

Description

The vulnerability allows a local application to compromise the affected device.

The vulnerability exists due to improper input validation in Automotive. A local application can compromise the affected device.

Remediation

Install security update from vendor's website.

External links

https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2023-bulletin.html

#VU81363 Improper input validation in Qualcomm products - CVE-2023-22382

Description

Remediation

External links

Please verify you're human