Description
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
References (1)
Core 1
Core References
Scores
CVSS v3
6.8
EPSS
0.0008
EPSS Percentile
22.8%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-129
Status
published
Products (50)
qualcomm/315_5g_iot_modem_firmware
qualcomm/8905_firmware
qualcomm/8909_firmware
qualcomm/8917_firmware
qualcomm/8920_firmware
qualcomm/8937_firmware
qualcomm/8940_firmware
qualcomm/8953_firmware
qualcomm/8953pro_firmware
qualcomm/9205_lte_modem_firmware
... and 40 more
Published
Apr 13, 2023
Tracked Since
Feb 18, 2026