Vulnerabilities > CVE-2023-21627 - Incorrect Type Conversion or Cast vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-704

NVD

Published: 2023-08-08

Updated: 2024-04-12

Summary

Memory corruption in Trusted Execution Environment while calling service API with invalid address.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Aqt1000 Firmware - Qualcomm Qca6390 Firmware - Qualcomm Qca6391 Firmware - Qualcomm Qca6420 Firmware - Qualcomm Qca6426 Firmware - Qualcomm Qca6430 Firmware - Qualcomm Qca6436 Firmware - Qualcomm Qca6574Au Firmware - Qualcomm Qca6595Au Firmware - Qualcomm Qca6696 Firmware - Qualcomm Qcc5100 Firmware - Qualcomm Qcs8155 Firmware - Qualcomm Sa6145P Firmware - Qualcomm Sa6150P Firmware - Qualcomm Sa6155P Firmware - Qualcomm Sa8145P Firmware - Qualcomm Sa8150P Firmware - Qualcomm Sa8155P Firmware - Qualcomm Sa8195P Firmware - Qualcomm SD 8 Gen1 5G Firmware - Qualcomm Sd855 Firmware - Qualcomm Sd865 5G Firmware - Qualcomm Sd870 Firmware - Qualcomm Sd888 5G Firmware - Qualcomm Sda429W Firmware - Qualcomm Sdx55M Firmware - Qualcomm Sdxr2 5G Firmware - Qualcomm Sw5100 Firmware - Qualcomm Sw5100P Firmware - Qualcomm Wcd9341 Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wcn3610 Firmware - Qualcomm Wcn3660B Firmware - Qualcomm Wcn3680B Firmware - Qualcomm Wcn3980 Firmware - Qualcomm Wcn3988 Firmware - Qualcomm Wcn3998 Firmware - Qualcomm Wcn6850 Firmware - Qualcomm Wcn6851 Firmware - Qualcomm Wcn6855 Firmware - Qualcomm Wcn6856 Firmware - Qualcomm Wcn7850 Firmware - Qualcomm Wcn7851 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware - Qualcomm Wsa8830 Firmware - Qualcomm Wsa8835 Firmware -	48
Hardware	Qualcomm Qualcomm Aqt1000 - Qualcomm Qca6390 - Qualcomm Qca6391 - Qualcomm Qca6420 - Qualcomm Qca6426 - Qualcomm Qca6430 - Qualcomm Qca6436 - Qualcomm Qca6574Au - Qualcomm Qca6595Au - Qualcomm Qca6696 - Qualcomm Qcc5100 - Qualcomm Qcs8155 - Qualcomm Sa6145P - Qualcomm Sa6150P - Qualcomm Sa6155P - Qualcomm Sa8145P - Qualcomm Sa8150P - Qualcomm Sa8155P - Qualcomm Sa8195P - Qualcomm SD 8 Gen1 5G - Qualcomm Sd855 - Qualcomm Sd865 5G - Qualcomm Sd870 - Qualcomm Sd888 5G - Qualcomm Sda429W - Qualcomm Sdx55M - Qualcomm Sdxr2 5G - Qualcomm Sw5100 - Qualcomm Sw5100P - Qualcomm Wcd9341 - Qualcomm Wcd9380 - Qualcomm Wcd9385 - Qualcomm Wcn3610 - Qualcomm Wcn3660B - Qualcomm Wcn3680B - Qualcomm Wcn3980 - Qualcomm Wcn3988 - Qualcomm Wcn3998 - Qualcomm Wcn6850 - Qualcomm Wcn6851 - Qualcomm Wcn6855 - Qualcomm Wcn6856 - Qualcomm Wcn7850 - Qualcomm Wcn7851 - Qualcomm Wsa8810 - Qualcomm Wsa8815 - Qualcomm Wsa8830 - Qualcomm Wsa8835 -	48

Common Weakness Enumeration (CWE)

CWE-704 - Incorrect Type Conversion or Cast

References

https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin