CVE-2023-21669

Q: What is the severity of CVE-2023-21669?

CVE-2023-21669 has a CVSS score of 8.2 (HIGH). This vulnerability allows information disclosure in Qualcomm WLAN HOST software when sending DPP action frames with invalid source addresses. Attackers could potentially access sensitive wireless network information. Affects devices using Qualcomm chipsets with vulnerable WLAN firmware.

8.2 HIGH

📋 TL;DR

This vulnerability allows information disclosure in Qualcomm WLAN HOST software when sending DPP action frames with invalid source addresses. Attackers could potentially access sensitive wireless network information. Affects devices using Qualcomm chipsets with vulnerable WLAN firmware.

💻 Affected Systems

Products:

Qualcomm WLAN HOST software

Versions: Specific versions not publicly detailed in bulletin

Operating Systems: Android and other OS using Qualcomm WLAN chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Qualcomm chipsets supporting DPP (Device Provisioning Protocol) feature.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could intercept sensitive wireless communication, obtain network credentials, or perform man-in-the-middle attacks on vulnerable devices.

🟠

Likely Case

Information leakage about wireless network configuration and potentially device identifiers, enabling reconnaissance for further attacks.

🟢

If Mitigated

Limited information exposure with proper network segmentation and access controls in place.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires proximity to target device and ability to send crafted DPP frames.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to June 2023 Qualcomm security bulletin for specific patched versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable DPP if not needed

all

Disable Device Provisioning Protocol feature if not required for network operations

Network segmentation

all

Segment wireless networks to limit exposure of vulnerable devices

🧯 If You Can't Patch

Isolate vulnerable devices on separate network segments
Implement strict network access controls and monitoring

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm's patched versions list

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: Settings > About Phone > Build Number)

Verify Fix Applied:

Verify firmware version has been updated to patched release

📡 Detection & Monitoring

Log Indicators:

Unusual DPP frame activity
Multiple failed DPP authentication attempts

Network Indicators:

Malformed DPP frames with invalid source addresses
Unusual wireless protocol traffic

SIEM Query:

wireless_protocol:DPP AND (source_address:invalid OR frame_type:malformed)

📊 Metadata

CVE ID: CVE-2023-21669

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWE: CWE-126

Published: June 6, 2023

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Patch,Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcn9074 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs8250 Firmware by Qualcomm

Qrb5165 Firmware by Qualcomm

Qrb5165m Firmware by Qualcomm

Qrb5165n Firmware by Qualcomm

Sd660 Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sdm429 Firmware by Qualcomm

Sdm429w Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Sm6150 Ac Firmware by Qualcomm

Sm6250 Firmware by Qualcomm

Sm7125 Firmware by Qualcomm

Sm7150 Aa Firmware by Qualcomm

Sm7150 Ab Firmware by Qualcomm

Sm7150 Ac Firmware by Qualcomm

Sm8150 Ac Firmware by Qualcomm

Sm8150 Firmware by Qualcomm

Sm8250 Ab Firmware by Qualcomm

Sm8250 Ac Firmware by Qualcomm

Sm8250 Firmware by Qualcomm

Snapdragon 675 Mobile Platform Firmware by Qualcomm

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

Snapdragon Xr2 5g Platform Firmware by Qualcomm

Sxr2130 Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3620 Firmware by Qualcomm

Wcn3660b Firmware by Qualcomm

Wcn3910 Firmware by Qualcomm

Wcn3950 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wcn3990 Firmware by Qualcomm

Wcn3991 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn685x 1 Firmware by Qualcomm

Wcn685x 5 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm