Login Sign Up

CVE-2023-24851

7.8 HIGH
Remote Code Execution Denial of Service

📋 TL;DR

This vulnerability allows memory corruption in Qualcomm WLAN Host software when parsing QMI response messages from firmware. Attackers could potentially execute arbitrary code or cause denial of service on affected devices. This affects devices using Qualcomm WLAN chipsets with vulnerable firmware.

💻 Affected Systems

Products:
  • Qualcomm WLAN Host software/firmware
Versions: Specific versions not publicly detailed in bulletin
Operating Systems: Android, Linux-based systems with Qualcomm chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Qualcomm WLAN chipsets; exact device models not specified in public bulletin.

📦 What is this software?

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

Csr8811 Firmware by Qualcomm

View all CVEs affecting Csr8811 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Fastconnect 6200 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6200 Firmware →

Fastconnect 6700 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6700 Firmware →

Fastconnect 6800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6800 Firmware →

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fastconnect 7800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 7800 Firmware →

Flight Rb5 5g Firmware by Qualcomm

View all CVEs affecting Flight Rb5 5g Firmware →

Immersive Home 214 Firmware by Qualcomm

View all CVEs affecting Immersive Home 214 Firmware →

Immersive Home 216 Firmware by Qualcomm

View all CVEs affecting Immersive Home 216 Firmware →

Immersive Home 316 Firmware by Qualcomm

View all CVEs affecting Immersive Home 316 Firmware →

Immersive Home 318 Firmware by Qualcomm

View all CVEs affecting Immersive Home 318 Firmware →

Ipq5010 Firmware by Qualcomm

View all CVEs affecting Ipq5010 Firmware →

Ipq5028 Firmware by Qualcomm

View all CVEs affecting Ipq5028 Firmware →

Ipq6000 Firmware by Qualcomm

View all CVEs affecting Ipq6000 Firmware →

Ipq6010 Firmware by Qualcomm

View all CVEs affecting Ipq6010 Firmware →

Ipq6018 Firmware by Qualcomm

View all CVEs affecting Ipq6018 Firmware →

Ipq6028 Firmware by Qualcomm

View all CVEs affecting Ipq6028 Firmware →

Ipq8070a Firmware by Qualcomm

View all CVEs affecting Ipq8070a Firmware →

Ipq8071a Firmware by Qualcomm

View all CVEs affecting Ipq8071a Firmware →

Ipq8072a Firmware by Qualcomm

View all CVEs affecting Ipq8072a Firmware →

Ipq8074a Firmware by Qualcomm

View all CVEs affecting Ipq8074a Firmware →

Ipq8076 Firmware by Qualcomm

View all CVEs affecting Ipq8076 Firmware →

Ipq8076a Firmware by Qualcomm

View all CVEs affecting Ipq8076a Firmware →

Ipq8078 Firmware by Qualcomm

View all CVEs affecting Ipq8078 Firmware →

Ipq8078a Firmware by Qualcomm

View all CVEs affecting Ipq8078a Firmware →

Ipq8173 Firmware by Qualcomm

View all CVEs affecting Ipq8173 Firmware →

Ipq8174 Firmware by Qualcomm

View all CVEs affecting Ipq8174 Firmware →

Ipq9008 Firmware by Qualcomm

View all CVEs affecting Ipq9008 Firmware →

Ipq9574 Firmware by Qualcomm

View all CVEs affecting Ipq9574 Firmware →

Qam8255p Firmware by Qualcomm

View all CVEs affecting Qam8255p Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qam8650p Firmware by Qualcomm

View all CVEs affecting Qam8650p Firmware →

Qam8775p Firmware by Qualcomm

View all CVEs affecting Qam8775p Firmware →

Qca4024 Firmware by Qualcomm

View all CVEs affecting Qca4024 Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6320 Firmware by Qualcomm

View all CVEs affecting Qca6320 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6554a Firmware by Qualcomm

View all CVEs affecting Qca6554a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6584au Firmware by Qualcomm

View all CVEs affecting Qca6584au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca6797aq Firmware by Qualcomm

View all CVEs affecting Qca6797aq Firmware →

Qca8072 Firmware by Qualcomm

View all CVEs affecting Qca8072 Firmware →

Qca8075 Firmware by Qualcomm

View all CVEs affecting Qca8075 Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8082 Firmware by Qualcomm

View all CVEs affecting Qca8082 Firmware →

Qca8084 Firmware by Qualcomm

View all CVEs affecting Qca8084 Firmware →

Qca8085 Firmware by Qualcomm

View all CVEs affecting Qca8085 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca8386 Firmware by Qualcomm

View all CVEs affecting Qca8386 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qca9888 Firmware by Qualcomm

View all CVEs affecting Qca9888 Firmware →

Qca9889 Firmware by Qualcomm

View all CVEs affecting Qca9889 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm4325 Firmware by Qualcomm

View all CVEs affecting Qcm4325 Firmware →

Qcm4490 Firmware by Qualcomm

View all CVEs affecting Qcm4490 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcn5022 Firmware by Qualcomm

View all CVEs affecting Qcn5022 Firmware →

Qcn5024 Firmware by Qualcomm

View all CVEs affecting Qcn5024 Firmware →

Qcn5052 Firmware by Qualcomm

View all CVEs affecting Qcn5052 Firmware →

Qcn5054 Firmware by Qualcomm

View all CVEs affecting Qcn5054 Firmware →

Qcn5122 Firmware by Qualcomm

View all CVEs affecting Qcn5122 Firmware →

Qcn5124 Firmware by Qualcomm

View all CVEs affecting Qcn5124 Firmware →

Qcn5152 Firmware by Qualcomm

View all CVEs affecting Qcn5152 Firmware →

Qcn5154 Firmware by Qualcomm

View all CVEs affecting Qcn5154 Firmware →

Qcn5164 Firmware by Qualcomm

View all CVEs affecting Qcn5164 Firmware →

Qcn6023 Firmware by Qualcomm

View all CVEs affecting Qcn6023 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn6122 Firmware by Qualcomm

View all CVEs affecting Qcn6122 Firmware →

Qcn6132 Firmware by Qualcomm

View all CVEs affecting Qcn6132 Firmware →

Qcn9000 Firmware by Qualcomm

View all CVEs affecting Qcn9000 Firmware →

Qcn9001 Firmware by Qualcomm

View all CVEs affecting Qcn9001 Firmware →

Qcn9002 Firmware by Qualcomm

View all CVEs affecting Qcn9002 Firmware →

Qcn9003 Firmware by Qualcomm

View all CVEs affecting Qcn9003 Firmware →

Qcn9011 Firmware by Qualcomm

View all CVEs affecting Qcn9011 Firmware →

Qcn9012 Firmware by Qualcomm

View all CVEs affecting Qcn9012 Firmware →

Qcn9022 Firmware by Qualcomm

View all CVEs affecting Qcn9022 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcn9070 Firmware by Qualcomm

View all CVEs affecting Qcn9070 Firmware →

Qcn9072 Firmware by Qualcomm

View all CVEs affecting Qcn9072 Firmware →

Qcn9074 Firmware by Qualcomm

View all CVEs affecting Qcn9074 Firmware →

Qcn9100 Firmware by Qualcomm

View all CVEs affecting Qcn9100 Firmware →

Qcn9274 Firmware by Qualcomm

View all CVEs affecting Qcn9274 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs4490 Firmware by Qualcomm

View all CVEs affecting Qcs4490 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qsm8350 Firmware by Qualcomm

View all CVEs affecting Qsm8350 Firmware →

Robotics Rb5 Firmware by Qualcomm

View all CVEs affecting Robotics Rb5 Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8255p Firmware by Qualcomm

View all CVEs affecting Sa8255p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd660 Firmware by Qualcomm

View all CVEs affecting Sd660 Firmware →

Sd835 Firmware by Qualcomm

View all CVEs affecting Sd835 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sdx65m Firmware by Qualcomm

View all CVEs affecting Sdx65m Firmware →

Sg4150p Firmware by Qualcomm

View all CVEs affecting Sg4150p Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Smart Audio 400 Firmware by Qualcomm

View all CVEs affecting Smart Audio 400 Firmware →

Snapdragon 4 Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 1 Firmware →

Snapdragon 4 Gen 2 Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 2 Firmware →

Snapdragon 439 Firmware by Qualcomm

View all CVEs affecting Snapdragon 439 Firmware →

Snapdragon 460 Firmware by Qualcomm

View all CVEs affecting Snapdragon 460 Firmware →

Snapdragon 480 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Firmware →

Snapdragon 480 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Firmware →

Snapdragon 660 Firmware by Qualcomm

View all CVEs affecting Snapdragon 660 Firmware →

Snapdragon 680 4g Firmware by Qualcomm

View all CVEs affecting Snapdragon 680 4g Firmware →

Snapdragon 685 4g Firmware by Qualcomm

View all CVEs affecting Snapdragon 685 4g Firmware →

Snapdragon 690 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 690 5g Firmware →

Snapdragon 695 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 695 5g Firmware →

Snapdragon 750g 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 750g 5g Firmware →

Snapdragon 765 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 765 5g Firmware →

Snapdragon 765g 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 765g 5g Firmware →

Snapdragon 768g 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 768g 5g Firmware →

Snapdragon 778g\+ 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g\+ 5g Firmware →

Snapdragon 778g\+ 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g\+ 5g Firmware →

Snapdragon 780g 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 780g 5g Firmware →

Snapdragon 782g Firmware by Qualcomm

View all CVEs affecting Snapdragon 782g Firmware →

Snapdragon 7c\+ Gen 3 Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Firmware →

Snapdragon 8 Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Firmware →

Snapdragon 8 Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Firmware →

Snapdragon 835 Firmware by Qualcomm

View all CVEs affecting Snapdragon 835 Firmware →

Snapdragon 865 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Firmware →

Snapdragon 865 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Firmware →

Snapdragon 870 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Firmware →

Snapdragon 888 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Firmware →

Snapdragon 888 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Firmware →

Snapdragon Ar2 Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Firmware →

Snapdragon Auto 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Firmware →

Snapdragon W5\+ Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Firmware →

Snapdragon X12 Lte Firmware by Qualcomm

View all CVEs affecting Snapdragon X12 Lte Firmware →

Snapdragon X55 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Firmware →

Snapdragon X65 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Firmware →

Snapdragon Xr2 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Firmware →

Snapdragon Xr2\+ Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcn3615 Firmware by Qualcomm

View all CVEs affecting Wcn3615 Firmware →

Wcn3680b Firmware by Qualcomm

View all CVEs affecting Wcn3680b Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges, allowing complete device compromise and persistence.

🟠

Likely Case

Device crash/reboot (denial of service) or limited code execution in WLAN subsystem context.

🟢

If Mitigated

Denial of service only if exploit fails or memory protections limit impact.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires sending crafted QMI messages to WLAN firmware; no public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to July 2023 Qualcomm security bulletin for specific patched versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable WLAN if not needed

linux

Temporarily disable wireless functionality to prevent exploitation

nmcli radio wifi off
ip link set wlan0 down

🧯 If You Can't Patch

  • Segment network to limit WLAN device exposure
  • Implement strict network filtering for QMI protocol traffic

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm security bulletin; command varies by device manufacturer

Check Version:

cat /sys/class/net/wlan0/device/firmware_version (Linux example, varies by device)

Verify Fix Applied:

Verify firmware version has been updated to patched version from manufacturer

📡 Detection & Monitoring

Log Indicators:

  • WLAN firmware crashes
  • Kernel panic logs related to WLAN driver

Network Indicators:

  • Unusual QMI protocol traffic to WLAN interfaces

SIEM Query:

source="kernel" AND "WLAN" AND ("panic" OR "crash")

📊 Metadata

CVE ID: CVE-2023-24851
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-120
Published: July 4, 2023
Last Updated: August 11, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-24851, you might also want to check these:

CVE-2023-24482 10.0

This CVE describes a critical buffer overflow vulnerability in COMOS software's cache validation ser...

Same vulnerability type (CWE-120)
CVE-2024-22039 10.0

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privi...

Same vulnerability type (CWE-120)
CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with netw...

Same vulnerability type (CWE-120)