Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

None

Attack Vector

Physical

CVE-2023-33014

Disclosure Date: January 02, 2024 •

CVE-2023-33014 CVSS v3 Base Score: 6.8

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Information disclosure in Core services while processing a Diag command.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.8 Medium

Impact Score:

5.9

Exploitability Score:

0.9

Vector:

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Physical

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

Snapdragon AR8035

Snapdragon FastConnect 6700

Snapdragon FastConnect 6900

Snapdragon FastConnect 7800

Snapdragon QAM8255P

Snapdragon QAM8650P

Snapdragon QAM8775P

Snapdragon QCA6595

Snapdragon QCA6595AU

Snapdragon QCA6698AQ

Snapdragon QCA6797AQ

Snapdragon QCA8081

Snapdragon QCA8337

Snapdragon QCM4490

Snapdragon QCN6024

Snapdragon QCN9024

Snapdragon QCS4490

Snapdragon QCS8550

Snapdragon SA8255P

Snapdragon SM4450

Snapdragon Snapdragon AR2 Gen 1 Platform

Snapdragon Snapdragon X65 5G Modem-RF System

Snapdragon Snapdragon X70 Modem-RF System

Snapdragon SSG2115P

Snapdragon SSG2125P

Snapdragon SXR1230P

Snapdragon SXR2230P

Snapdragon WCD9370

Snapdragon WCD9380

Snapdragon WCD9385

Snapdragon WCN3950

Snapdragon WCN3988

Snapdragon WSA8810

Snapdragon WSA8815

Snapdragon WSA8830

Snapdragon WSA8832

Snapdragon WSA8835

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

qualcomm

Products

ar8035 firmware -,
fastconnect 6700 -,
fastconnect 6900 firmware -,
fastconnect 7800 firmware -,
qam8255p firmware -,
qam8650p firmware -,
qam8775p firmware -,
qca6595 firmware -,
qca6595au firmware -,
qca6698aq firmware -,
qca6797aq firmware -,
qca8081 firmware -,
qca8337 firmware -,
qcm4490 firmware -,
qcn6024 firmware -,
qcn9024 firmware -,
qcs4490 firmware -,
qcs8550 firmware -,
sa8255p firmware -,
sm4450 firmware -,
snapdragon ar2 gen 1 platform firmware -,
snapdragon x65 5g modem-rf system firmware -,
snapdragon x70 modem-rf system firmware -,
ssg2115p firmware -,
ssg2125p firmware -,
sxr1230p firmware -,
sxr2230p firmware -,
wcd9370 firmware -,
wcd9380 firmware -,
wcd9385 firmware -,
wcn3950 firmware -,
wcn3988 firmware -,
wsa8810 firmware -,
wsa8815 firmware -,
wsa8830 firmware -,
wsa8832 firmware -,
wsa8835 firmware -

References

Canonical

CVE-2023-33014 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33014)

Miscellaneous

https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin

Rapid7

Hello Everyone! We have made some updates to AttackerKB in the last few months.

New tags:

New workers:

Unknown

CVE-2023-33014

Unknown

Unknown

None

None

Physical

CVE-2023-33014

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Hello Everyone! We have made some updates to AttackerKB in the last few months.

New tags:

New workers:

Unknown

CVE-2023-33014

Unknown

Unknown

None

None

Physical

CVE-2023-33014

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification