CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS response.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:msm8208_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8208:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd429:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:sd439_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd439:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

12 Apr 2024, 17:16

Type	Values Removed	Values Added
CWE		CWE-126
Summary		(es) Divulgación de información en Servicios de red debido a la sobrelectura del búfer mientras el dispositivo recibe la respuesta DNS.

10 Aug 2023, 17:24

Type	Values Removed	Values Added
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin - Vendor Advisory
CPE		cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:h:qualcomm:msm8917:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6564au:-:::::::* cpe:2.3:h:qualcomm:sd835:-:::::::* cpe:2.3:h:qualcomm:apq8009:-:::::::* cpe:2.3:h:qualcomm:qca4020:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3680b:-:::::::* cpe:2.3:o:qualcomm:csra6620_firmware:-:::::::* cpe:2.3:o:qualcomm:sd205_firmware:-:::::::* cpe:2.3:o:qualcomm:qca4010_firmware:-:::::::* cpe:2.3:h:qualcomm:mdm9205:-:::::::* cpe:2.3:h:qualcomm:mdm9250:-:::::::* cpe:2.3:o:qualcomm:csra6640_firmware:-:::::::* cpe:2.3:h:qualcomm:msm8608:-:::::::* cpe:2.3:o:qualcomm:msm8108_firmware:-:::::::* cpe:2.3:h:qualcomm:msm8208:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:msm8917_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3610:-:::::::* cpe:2.3:h:qualcomm:wcd9306:-:::::::* cpe:2.3:h:qualcomm:sd439:-:::::::* cpe:2.3:o:qualcomm:wcn3610_firmware:-:::::::* cpe:2.3:o:qualcomm:mdm9250_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:h:qualcomm:msm8209:-:::::::* cpe:2.3:o:qualcomm:qca9377_firmware:-:::::::* cpe:2.3:h:qualcomm:qca4004:-:::::::* cpe:2.3:h:qualcomm:wcn3999:-:::::::* cpe:2.3:o:qualcomm:msm8208_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs405:-:::::::* cpe:2.3:o:qualcomm:wcn3615_firmware:-:::::::* cpe:2.3:h:qualcomm:csra6620:-:::::::* cpe:2.3:h:qualcomm:qca6574a:-:::::::* cpe:2.3:o:qualcomm:wcd9340_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6564a:-:::::::* cpe:2.3:o:qualcomm:sd835_firmware:-:::::::* cpe:2.3:o:qualcomm:mdm9205_firmware:-:::::::* cpe:2.3:h:qualcomm:qca4024:-:::::::* cpe:2.3:h:qualcomm:wcn3615:-:::::::* cpe:2.3:o:qualcomm:wcd9306_firmware:-:::::::* cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::* cpe:2.3:o:qualcomm:msm8608_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs405_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:o:qualcomm:sd429_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3990_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:h:qualcomm:sd210:-:::::::* cpe:2.3:o:qualcomm:msm8209_firmware:-:::::::* cpe:2.3:o:qualcomm:sd210_firmware:-:::::::* cpe:2.3:h:qualcomm:sd205:-:::::::* cpe:2.3:o:qualcomm:apq8037_firmware:-:::::::* cpe:2.3:o:qualcomm:qca4020_firmware:-:::::::* cpe:2.3:o:qualcomm:qca4024_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6174a_firmware:-:::::::* cpe:2.3:o:qualcomm:qts110_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9326_firmware:-:::::::* cpe:2.3:h:qualcomm:apq8017:-:::::::* cpe:2.3:o:qualcomm:qca6564a_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3999_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:o:qualcomm:msm8937_firmware:-:::::::* cpe:2.3:h:qualcomm:ar8031:-:::::::* cpe:2.3:h:qualcomm:qca6174a:-:::::::* cpe:2.3:h:qualcomm:apq8037:-:::::::* cpe:2.3:h:qualcomm:sd429:-:::::::* cpe:2.3:h:qualcomm:qts110:-:::::::* cpe:2.3:h:qualcomm:mdm9650:-:::::::* cpe:2.3:h:qualcomm:wcn3990:-:::::::* cpe:2.3:o:qualcomm:apq8017_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9335_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6574a_firmware:-:::::::* cpe:2.3:o:qualcomm:ar8031_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9340:-:::::::* cpe:2.3:h:qualcomm:wcd9335:-:::::::* cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::* cpe:2.3:o:qualcomm:mdm9650_firmware:-:::::::* cpe:2.3:h:qualcomm:msm8937:-:::::::* cpe:2.3:h:qualcomm:qca9377:-:::::::* cpe:2.3:h:qualcomm:csra6640:-:::::::* cpe:2.3:o:qualcomm:qca6564au_firmware:-:::::::* cpe:2.3:o:qualcomm:qca4004_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9326:-:::::::* cpe:2.3:h:qualcomm:qca4010:-:::::::* cpe:2.3:h:qualcomm:msm8108:-:::::::* cpe:2.3:o:qualcomm:sd439_firmware:-:::::::*
CWE		CWE-125
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

08 Aug 2023, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-08 10:15

Updated : 2024-04-12 17:16

NVD link : CVE-2023-21625

Mitre link : CVE-2023-21625

CVE.ORG link : CVE-2023-21625

JSON object : View

Products Affected

qualcomm

msm8608
sd429_firmware
sd210
wsa8810
qca4024
sd439_firmware
wcn3680b
qca6564a_firmware
qca4010_firmware
mdm9650
sd210_firmware
wcn3660b_firmware
wsa8815
qca6174a_firmware
apq8037_firmware
msm8209
wcn3998
qca6174a
sd835_firmware
sd205_firmware
wcn3680b_firmware
msm8208_firmware
qca6574au
apq8009
qts110
wcd9340_firmware
msm8937
wcn3999_firmware
wcn3999
qca6574a
wsa8810_firmware
csra6640
msm8108
mdm9650_firmware
qca9377
qca6564au_firmware
apq8037
wcn3660b
wcn3990
ar8031_firmware
wcn3998_firmware
sd205
apq8009_firmware
qcs405_firmware
qts110_firmware
mdm9205
qcs405
qca6574a_firmware
wcn3980_firmware
mdm9250
qca9377_firmware
msm8917_firmware
qca4024_firmware
qca4010
qca4004_firmware
apq8017
wcd9335
wcd9306
wcn3610_firmware
wcd9326
qca4004
csra6620_firmware
msm8209_firmware
qca6564au
sd835
wcn3615_firmware
qca6564a
qca4020
wcd9306_firmware
wsa8815_firmware
sd439
qca4020_firmware
wcn3610
sd429
msm8208
wcn3980
wcd9326_firmware
msm8108_firmware
wcd9335_firmware
wcn3615
wcn3990_firmware
wcd9340
msm8608_firmware
apq8017_firmware
mdm9205_firmware
ar8031
mdm9250_firmware
csra6640_firmware
qca6574au_firmware
msm8917
msm8937_firmware
csra6620

CWE

CWE-125

Out-of-bounds Read

CWE-126

Buffer Over-read

7.5 /10