CVE-2023-28581

CRITICAL

Qualcomm FastConnect and Snapdragon WLAN Firmware - Memory Corruption in GTK Key Parsing

Title source: llm

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

Core 1

Core References

Vendor Advisory

CVSS v3 9.8

EPSS 0.0013

EPSS Percentile 32.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

CWE

CWE-119 CWE-787

Status published

Products (26)

qualcomm/fastconnect_6800_firmware

qualcomm/fastconnect_6900_firmware

qualcomm/fastconnect_7800_firmware

qualcomm/qca6391_firmware

qualcomm/qca6426_firmware

qualcomm/qca6436_firmware

qualcomm/sd865_5g_firmware

qualcomm/sd_8_gen1_5g_firmware

qualcomm/snapdragon_865\+_5g_firmware

qualcomm/snapdragon_865_5g_firmware

... and 16 more

Published Sep 05, 2023

Tracked Since Feb 18, 2026