1. Home
  2. CVE Database
  3. CVE-2023-24855
CRITICAL · 9.8

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

Vulnerability Description

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommAr8035 Firmware-
QualcommAr8035-
QualcommFastconnect 6200 Firmware-
QualcommFastconnect 6200-
QualcommFastconnect 6700 Firmware-
QualcommFastconnect 6700-
QualcommFastconnect 6900 Firmware-
QualcommFastconnect 6900-
QualcommFastconnect 7800 Firmware-
QualcommFastconnect 7800-
QualcommQca6391 Firmware-
QualcommQca6391-
QualcommQca8081 Firmware-
QualcommQca8081-
QualcommQca8337 Firmware-
QualcommQca8337-
QualcommQcc710 Firmware-
QualcommQcc710-
QualcommQcm4490 Firmware-
QualcommQcm4490-

Related Weaknesses (CWE)

CWE-823CWE-787

References

FAQ

What is CVE-2023-24855?

CVE-2023-24855 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Memory corruption in Modem while processing security related configuration before AS Security Exchange.

How severe is CVE-2023-24855?

CVE-2023-24855 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-24855?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6200, Qualcomm Fastconnect 6700 Firmware.