Vulnerability Description
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
CVSS Score
8.6
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Fastconnect 6900 Firmware | - |
| Qualcomm | Fastconnect 6900 | - |
| Qualcomm | Fastconnect 7800 Firmware | - |
| Qualcomm | Fastconnect 7800 | - |
| Qualcomm | Flight Rb5 5G Platform Firmware | - |
| Qualcomm | Flight Rb5 5G Platform | - |
| Qualcomm | Qam8255P Firmware | - |
| Qualcomm | Qam8255P | - |
| Qualcomm | Qam8650P Firmware | - |
| Qualcomm | Qam8650P | - |
| Qualcomm | Qam8775P Firmware | - |
| Qualcomm | Qam8775P | - |
| Qualcomm | Qamsrv1H Firmware | - |
| Qualcomm | Qamsrv1H | - |
| Qualcomm | Qamsrv1M Firmware | - |
| Qualcomm | Qamsrv1M | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletVendor Advisory
FAQ
What is CVE-2023-43520?
CVE-2023-43520 is a vulnerability with a CVSS score of 8.6 (HIGH). Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
How severe is CVE-2023-43520?
CVE-2023-43520 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43520?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 6900, Qualcomm Fastconnect 7800 Firmware.