CVE-2023-28541

Q: What is the severity of CVE-2023-28541?

CVE-2023-28541 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption in Qualcomm data modem firmware when processing DMA buffer release events for CFR data. Attackers could potentially execute arbitrary code or cause denial of service on affected devices. This affects smartphones and other devices using vulnerable Qualcomm modem chipsets.

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption in Qualcomm data modem firmware when processing DMA buffer release events for CFR data. Attackers could potentially execute arbitrary code or cause denial of service on affected devices. This affects smartphones and other devices using vulnerable Qualcomm modem chipsets.

💻 Affected Systems

Products:

Qualcomm modem chipsets with CFR functionality

Versions: Specific firmware versions not publicly detailed in bulletin

Operating Systems: Android and other mobile OS using affected Qualcomm chips

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with CFR (Channel Feedback Report) functionality enabled in modem firmware

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution allowing complete device compromise, data exfiltration, or persistent backdoor installation

🟠

Likely Case

Device crash/reboot leading to denial of service, potential for limited code execution

🟢

If Mitigated

Device instability or crashes without full compromise if memory protections are effective

🌐 Internet-Facing: MEDIUM - Requires proximity or network access to cellular modem, not directly internet-exposed

🏢 Internal Only: LOW - Primarily affects cellular modem functionality, not typical internal network services

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: HIGH

Exploitation requires specialized knowledge of modem firmware and DMA operations

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to July 2023 Qualcomm security bulletin for specific firmware versions

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates 2. Apply latest firmware/OS update 3. Reboot device after update

🔧 Temporary Workarounds

Disable CFR functionality

all

Disable Channel Feedback Report feature in modem configuration if not required

Requires modem firmware configuration changes - consult device manufacturer

🧯 If You Can't Patch

Isolate affected devices from untrusted networks
Implement network segmentation to limit modem exposure

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm security bulletin or manufacturer advisories

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: Settings > About phone > Baseband version)

Verify Fix Applied:

Verify firmware version has been updated to patched version from manufacturer

📡 Detection & Monitoring

Log Indicators:

Modem crash logs
Unexpected modem resets
Memory corruption errors in modem logs

Network Indicators:

Abnormal modem communication patterns
Unexpected cellular protocol anomalies

SIEM Query:

Not applicable - detection requires modem firmware monitoring capabilities

📊 Metadata

CVE ID: CVE-2023-28541

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-126

Published: July 4, 2023

Last Updated: August 11, 2025

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin Patch,Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Ar9380 Firmware by Qualcomm

C V2x 9150 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Firmware by Qualcomm

Immersive Home 214 Firmware by Qualcomm

Immersive Home 216 Firmware by Qualcomm

Immersive Home 316 Firmware by Qualcomm

Immersive Home 318 Firmware by Qualcomm

Ipq4018 Firmware by Qualcomm

Ipq4019 Firmware by Qualcomm

Ipq4028 Firmware by Qualcomm

Ipq4029 Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8064 Firmware by Qualcomm

Ipq8065 Firmware by Qualcomm

Ipq8068 Firmware by Qualcomm

Ipq8070 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Ipq9008 Firmware by Qualcomm

Ipq9574 Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Mdm9640 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6175a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm