CVE-2023-28588

HIGH

Qualcomm Bluetooth Host - Denial of Service via RFC Slot Allocation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2023-28588. PoCs published by Trinadh465, uthrasri.

AI-analyzed exploit summary The repository contains a functional exploit PoC for CVE-2023-28588, targeting a vulnerability in the Broadcom Bluetooth stack. The code includes a modified version of `btif_sock_rfc.c`, which demonstrates the exploitation of a flaw in RFCOMM socket handling.

Description

Transient DOS in Bluetooth Host while rfc slot allocation.

Exploits (5)

nomisec NO CODE 1 stars
by Trinadh465 · poc
https://github.com/Trinadh465/CVE-2023-28588
nomisec WORKING POC
by uthrasri · poc
https://github.com/uthrasri/CVE-2023-28588_G2.5_singlefile

The repository contains a functional exploit PoC for CVE-2023-28588, targeting a vulnerability in the Broadcom Bluetooth stack. The code includes a modified version of `btif_sock_rfc.c`, which demonstrates the exploitation of a flaw in RFCOMM socket handling.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Broadcom Bluetooth stack (versions affected by CVE-2023-28588)
No auth needed
Prerequisites: Physical proximity or remote access to a vulnerable Bluetooth device
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0052
EPSS Percentile 40.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-190
Status published
Products (50)
qualcomm/apq8017_firmware
qualcomm/apq8064au_firmware
qualcomm/aqt1000_firmware
qualcomm/ar8031_firmware
qualcomm/ar8035_firmware
qualcomm/csra6620_firmware
qualcomm/csra6640_firmware
qualcomm/fastconnect_6200_firmware
qualcomm/fastconnect_6700_firmware
qualcomm/fastconnect_6800_firmware
... and 40 more
Published Dec 05, 2023
Tracked Since Feb 18, 2026