9.1критическая
CVE-2023-43551
Описание
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Затрагиваемое ПО
Qualcomm 315 5g iot modem firmwareQualcomm 315 5g iot modemQualcomm 9205 lte modem firmwareQualcomm 9205 lte modemQualcomm 9206 lte modem firmwareQualcomm 9206 lte modemQualcomm 9207 lte modem firmwareQualcomm 9207 lte modemQualcomm Apq8017 firmwareQualcomm Apq8017Qualcomm Apq8037 firmwareQualcomm Apq8037Qualcomm Aqt1000 firmwareQualcomm Aqt1000Qualcomm Ar6003 firmwareQualcomm Ar6003Qualcomm Ar8035 firmwareQualcomm Ar8035Qualcomm C-v2x 9150 firmwareQualcomm C-v2x 9150Qualcomm Csra6620 firmwareQualcomm Csra6620Qualcomm Csra6640 firmwareQualcomm Csra6640Qualcomm Csrb31024 firmware
CVSS
| Балл | 9.1 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Источники
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.htmlhttps://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html