Qualcomm Sys Hackers Actively Exploit 3 new Zero-Days


Three new zero days have been reported to Qualcomm, which were CVE-2023-33106, CVE-2023-33107, and CVE-2023-33063. These vulnerabilities were discovered as part of Google Project Zero and were disclosed to Qualcomm by Google Threat Analysis Group.

These new zero days were found to be exploited by threat actors along with CVE-2022-22071. This use-after-free condition existed on certain SnapDragon processors, which was fixed and addressed by Qualcomm on their security bulletin in May 2022. 

“CVE-2022-22071 was included in our May 2022 public bulletin. The details of the remaining CVEs will be shared in our December 2023 public bulletin.” reads the security bulletin published by Qualcomm.

October 2023 Bulletin

Several new vulnerabilities with severities as Critical, High, and Medium were addressed as per the new security bulletin published by Qualcomm. According to the security bulletin published, 3 Critical severity vulnerabilities and 13 High severity vulnerabilities were addressed.



Document

FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware


CVE-2023-24855 was one of the critical vulnerabilities addressed by Qualcomm, which was related to a memory corruption vulnerability in Modem that was exploitable while processing security-related configuration before AS Security Exchange. The severity for this vulnerability has been given as 9.8 (Critical).

CVE-2023-28540 was the second critical vulnerability addressed, a cryptographic issue that existed in the Data Modem due to improper authentication during the TLS handshake. The severity for this vulnerability was given as 9.1 (Critical).

Another critical vulnerability addressed as part of the bulletin was CVE-2023-33028, which was associated with a memory corruption vulnerability in the WLAN Firmware that existed while doing a memory copy of the pmk cache. This was due to improper checking of the Size on input and was given the severity of 9.8 (Critical).

These critical vulnerabilities were remotely exploited, as mentioned on the Access vector of the Qualcomm security bulletin for each of these vulnerabilities. However, there is no evidence of them being exploited by threat actors in the wild.

A complete security bulletin has been published by Qualcomm, which provides detailed information about the high-severity vulnerabilities disclosed and addressed.

Users of these Qualcomm products are recommended to upgrade to the latest version of the firmware updates in order to prevent these vulnerabilities from getting exploited.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.



Source link