Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-28574

CRITICAL
Published 2023-11-07T05:26:45.653Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-28574. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
9.0
/10
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.137
Higher than 13.7% of all CVEs

Attack Vector Metrics

Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED

Impact Metrics

Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Description

Memory corruption in core services when Diag handler receives a command to configure event listeners.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Qualcomm, Inc.

Snapdragon

Affected Versions:

AR8035 FastConnect 6700 FastConnect 6900 FastConnect 7800 QAM8255P QAM8650P QAM8775P QAMSRV1H QCA6310 QCA6320 QCA6595 QCA6595AU QCA6696 QCA6698AQ QCA6797AQ QCA8081 QCA8337 QCC710 QCM4490 QCM8550 QCN6024 QCN6224 QCN6274 QCN9024 QCS4490 QCS8550 QDU1000 QDU1010 QDU1110 QDU1210 QDX1010 QDX1011 QFW7114 QFW7124 QRU1032 QRU1052 QRU1062 SA8255P SA8650P SA9000P SC8380XP SD835 SG8275P SM8550P Snapdragon 4 Gen 2 Mobile Platform Snapdragon 8 Gen 2 Mobile Platform Snapdragon 8+ Gen 2 Mobile Platform Snapdragon 835 Mobile PC Platform Snapdragon AR2 Gen 1 Platform Snapdragon X65 5G Modem-RF System Snapdragon X70 Modem-RF System Snapdragon X75 5G Modem-RF System SRV1H SSG2115P SSG2125P SXR1230P SXR2230P WCD9335 WCD9340 WCD9341 WCD9370 WCD9380 WCD9385 WCD9390 WCD9395 WCN3950 WCN3988 WCN3990 WSA8810 WSA8815 WSA8830 WSA8832 WSA8835 WSA8840 WSA8845 WSA8845H

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-cxvw-76f5-px84

Advisory Details

Memory corruption in core services when Diag handler receives a command to configure event listeners.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-28574
WEB https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin

Advisory provided by GitHub Security Advisory Database. Published: November 14, 2023, Modified: November 14, 2023

References

https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
Published: 2023-11-07T05:26:45.653Z
Last Modified: 2024-08-02T13:43:22.874Z
Copied to clipboard!