Sign-up

ID

VAR-202402-1418


CVE

CVE-2023-33067


TITLE

Out-of-bounds write vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855

DESCRIPTION

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. 9206 lte modem firmware, AQT1000 firmware, AR8035 Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2023-33067 // JVNDB: JVNDB-2023-025855

AFFECTED PRODUCTS

vendor:qualcommmodel:qam8650pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8255pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 780g 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6900scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9074scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qamsrv1hscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9367scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x55 5g modem-rf systemscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8775pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:c-v2x 9150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 888\+ 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon wear 4100\+ platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 782g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x5 lte modemscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:srv1hscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qamsrv1mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6274scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 429 mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sxr2130scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8775pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8770pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 855\+\/860 mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8255pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 865\+ 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9628scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smart audio 200 platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfw7124scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa9000pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:9206 lte modemscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 778g\+ 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfw7114scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon auto 5g modem-rf gen 2scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x75 5g modem-rf systemscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:srv1mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 888 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:video collaboration vc3 platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 835 mobile pc platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 820 automotive platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6698aqscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 7c\+ gen 3 computescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon xr2 5g platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 778g 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8650pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 865 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6224scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 7800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:video collaboration vc1 platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6700scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 855 mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 1200 wearable platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 870 5g mobile platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:qca6320scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:c-v2x 9150scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8255pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:9206 lte modemscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6900scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qamsrv1mscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9650scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qamsrv1hscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9628scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 7800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6700scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6200scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8295pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6310scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8775pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8650pscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855 // NVD: CVE-2023-33067

CVSS

SEVERITY

CVSSV2

CVSSV3

product-security@qualcomm.com: CVE-2023-33067
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2023-33067
value: HIGH

Trust: 1.0

NVD: CVE-2023-33067
value: HIGH

Trust: 0.8

product-security@qualcomm.com: CVE-2023-33067
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2023-33067
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-33067
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855 // NVD: CVE-2023-33067 // NVD: CVE-2023-33067

PROBLEMTYPE DATA

problemtype:CWE-823

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855 // NVD: CVE-2023-33067

EXTERNAL IDS

db:NVDid:CVE-2023-33067

Trust: 2.6

db:JVNDBid:JVNDB-2023-025855

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855 // NVD: CVE-2023-33067

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-33067

Trust: 0.8

sources: JVNDB: JVNDB-2023-025855 // NVD: CVE-2023-33067

SOURCES

db:JVNDBid:JVNDB-2023-025855
db:NVDid:CVE-2023-33067

LAST UPDATE DATE

2025-08-11T22:56:20.692000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2023-025855date:2024-02-13T01:21:00
db:NVDid:CVE-2023-33067date:2025-08-11T15:06:17.607

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2023-025855date:2024-02-13T00:00:00
db:NVDid:CVE-2023-33067date:2024-02-06T06:16:00.117