CVE-2023-33067

MEDIUM

Qualcomm 9206 Lte Modem Firmware - Out-of-Bounds Write

Title source: rule
STIX 2.1

Description

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

References (1)

Scores

CVSS v3 6.7
EPSS 0.0002
EPSS Percentile 5.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-823 CWE-787
Status published
Products (50)
qualcomm/9206_lte_modem_firmware
qualcomm/aqt1000_firmware
qualcomm/ar8035_firmware
qualcomm/c-v2x_9150_firmware
qualcomm/fastconnect_6200_firmware
qualcomm/fastconnect_6700_firmware
qualcomm/fastconnect_6800_firmware
qualcomm/fastconnect_6900_firmware
qualcomm/fastconnect_7800_firmware
qualcomm/mdm9628_firmware
... and 40 more
Published Feb 06, 2024
Tracked Since Feb 18, 2026