CVE-2023-28585

8.2 HIGH

📋 TL;DR

This vulnerability allows memory corruption while loading ELF segments in the Trusted Execution Environment (TEE) kernel. Attackers could potentially execute arbitrary code in the TEE, compromising secure operations. This affects devices with Qualcomm chipsets that use the vulnerable TEE implementation.

💻 Affected Systems

Products:

• Qualcomm chipsets with TEE implementation

Versions: Specific affected chipset versions not publicly detailed in advisory

Operating Systems: Android devices with Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Requires local access or ability to execute code on the Android system. Affects devices where TEE is enabled (default on most modern Android devices with Qualcomm chips).

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

View all CVEs affecting 315 5g Iot Modem Firmware →

9205 Lte Modem Firmware by Qualcomm

View all CVEs affecting 9205 Lte Modem Firmware →

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Ar8031 Firmware by Qualcomm

View all CVEs affecting Ar8031 Firmware →

Ar8035 Firmware by Qualcomm

View all CVEs affecting Ar8035 Firmware →

C V2x 9150 Firmware by Qualcomm

View all CVEs affecting C V2x 9150 Firmware →

Csr8811 Firmware by Qualcomm

View all CVEs affecting Csr8811 Firmware →

Csra6620 Firmware by Qualcomm

View all CVEs affecting Csra6620 Firmware →

Csra6640 Firmware by Qualcomm

View all CVEs affecting Csra6640 Firmware →

Csrb31024 Firmware by Qualcomm

View all CVEs affecting Csrb31024 Firmware →

Fastconnect 6200 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6200 Firmware →

Fastconnect 6700 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6700 Firmware →

Fastconnect 6800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6800 Firmware →

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fastconnect 7800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 7800 Firmware →

Flight Rb5 5g Platform Firmware by Qualcomm

View all CVEs affecting Flight Rb5 5g Platform Firmware →

Fsm10056 Firmware by Qualcomm

View all CVEs affecting Fsm10056 Firmware →

Immersive Home 3210 Platform Firmware by Qualcomm

View all CVEs affecting Immersive Home 3210 Platform Firmware →

Immersive Home 326 Platform Firmware by Qualcomm

View all CVEs affecting Immersive Home 326 Platform Firmware →

Ipq5332 Firmware by Qualcomm

View all CVEs affecting Ipq5332 Firmware →

Ipq6000 Firmware by Qualcomm

View all CVEs affecting Ipq6000 Firmware →

Ipq6005 Firmware by Qualcomm

View all CVEs affecting Ipq6005 Firmware →

Ipq6010 Firmware by Qualcomm

View all CVEs affecting Ipq6010 Firmware →

Ipq6018 Firmware by Qualcomm

View all CVEs affecting Ipq6018 Firmware →

Ipq6028 Firmware by Qualcomm

View all CVEs affecting Ipq6028 Firmware →

Ipq9008 Firmware by Qualcomm

View all CVEs affecting Ipq9008 Firmware →

Ipq9554 Firmware by Qualcomm

View all CVEs affecting Ipq9554 Firmware →

Ipq9570 Firmware by Qualcomm

View all CVEs affecting Ipq9570 Firmware →

Ipq9574 Firmware by Qualcomm

View all CVEs affecting Ipq9574 Firmware →

Mdm9205s Firmware by Qualcomm

View all CVEs affecting Mdm9205s Firmware →

Qam8255p Firmware by Qualcomm

View all CVEs affecting Qam8255p Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qam8650p Firmware by Qualcomm

View all CVEs affecting Qam8650p Firmware →

Qam8775p Firmware by Qualcomm

View all CVEs affecting Qam8775p Firmware →

Qca0000 Firmware by Qualcomm

View all CVEs affecting Qca0000 Firmware →

Qca4004 Firmware by Qualcomm

View all CVEs affecting Qca4004 Firmware →

Qca4024 Firmware by Qualcomm

View all CVEs affecting Qca4024 Firmware →

Qca6174a Firmware by Qualcomm

View all CVEs affecting Qca6174a Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6335 Firmware by Qualcomm

View all CVEs affecting Qca6335 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6421 Firmware by Qualcomm

View all CVEs affecting Qca6421 Firmware →

Qca6426 Firmware by Qualcomm

View all CVEs affecting Qca6426 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6431 Firmware by Qualcomm

View all CVEs affecting Qca6431 Firmware →

Qca6436 Firmware by Qualcomm

View all CVEs affecting Qca6436 Firmware →

Qca6564 Firmware by Qualcomm

View all CVEs affecting Qca6564 Firmware →

Qca6564a Firmware by Qualcomm

View all CVEs affecting Qca6564a Firmware →

Qca6564au Firmware by Qualcomm

View all CVEs affecting Qca6564au Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6584au Firmware by Qualcomm

View all CVEs affecting Qca6584au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qca6797aq Firmware by Qualcomm

View all CVEs affecting Qca6797aq Firmware →

Qca8072 Firmware by Qualcomm

View all CVEs affecting Qca8072 Firmware →

Qca8075 Firmware by Qualcomm

View all CVEs affecting Qca8075 Firmware →

Qca8081 Firmware by Qualcomm

View all CVEs affecting Qca8081 Firmware →

Qca8082 Firmware by Qualcomm

View all CVEs affecting Qca8082 Firmware →

Qca8084 Firmware by Qualcomm

View all CVEs affecting Qca8084 Firmware →

Qca8085 Firmware by Qualcomm

View all CVEs affecting Qca8085 Firmware →

Qca8337 Firmware by Qualcomm

View all CVEs affecting Qca8337 Firmware →

Qca8386 Firmware by Qualcomm

View all CVEs affecting Qca8386 Firmware →

Qca9377 Firmware by Qualcomm

View all CVEs affecting Qca9377 Firmware →

Qca9984 Firmware by Qualcomm

View all CVEs affecting Qca9984 Firmware →

Qcc710 Firmware by Qualcomm

View all CVEs affecting Qcc710 Firmware →

Qcf8000 Firmware by Qualcomm

View all CVEs affecting Qcf8000 Firmware →

Qcf8001 Firmware by Qualcomm

View all CVEs affecting Qcf8001 Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm4325 Firmware by Qualcomm

View all CVEs affecting Qcm4325 Firmware →

Qcm4490 Firmware by Qualcomm

View all CVEs affecting Qcm4490 Firmware →

Qcm5430 Firmware by Qualcomm

View all CVEs affecting Qcm5430 Firmware →

Qcm6125 Firmware by Qualcomm

View all CVEs affecting Qcm6125 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcm8550 Firmware by Qualcomm

View all CVEs affecting Qcm8550 Firmware →

Qcn5021 Firmware by Qualcomm

View all CVEs affecting Qcn5021 Firmware →

Qcn5022 Firmware by Qualcomm

View all CVEs affecting Qcn5022 Firmware →

Qcn5052 Firmware by Qualcomm

View all CVEs affecting Qcn5052 Firmware →

Qcn5121 Firmware by Qualcomm

View all CVEs affecting Qcn5121 Firmware →

Qcn5122 Firmware by Qualcomm

View all CVEs affecting Qcn5122 Firmware →

Qcn5152 Firmware by Qualcomm

View all CVEs affecting Qcn5152 Firmware →

Qcn6023 Firmware by Qualcomm

View all CVEs affecting Qcn6023 Firmware →

Qcn6024 Firmware by Qualcomm

View all CVEs affecting Qcn6024 Firmware →

Qcn6224 Firmware by Qualcomm

View all CVEs affecting Qcn6224 Firmware →

Qcn6274 Firmware by Qualcomm

View all CVEs affecting Qcn6274 Firmware →

Qcn7606 Firmware by Qualcomm

View all CVEs affecting Qcn7606 Firmware →

Qcn9000 Firmware by Qualcomm

View all CVEs affecting Qcn9000 Firmware →

Qcn9011 Firmware by Qualcomm

View all CVEs affecting Qcn9011 Firmware →

Qcn9012 Firmware by Qualcomm

View all CVEs affecting Qcn9012 Firmware →

Qcn9013 Firmware by Qualcomm

View all CVEs affecting Qcn9013 Firmware →

Qcn9022 Firmware by Qualcomm

View all CVEs affecting Qcn9022 Firmware →

Qcn9024 Firmware by Qualcomm

View all CVEs affecting Qcn9024 Firmware →

Qcn9070 Firmware by Qualcomm

View all CVEs affecting Qcn9070 Firmware →

Qcn9072 Firmware by Qualcomm

View all CVEs affecting Qcn9072 Firmware →

Qcn9074 Firmware by Qualcomm

View all CVEs affecting Qcn9074 Firmware →

Qcn9274 Firmware by Qualcomm

View all CVEs affecting Qcn9274 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs4490 Firmware by Qualcomm

View all CVEs affecting Qcs4490 Firmware →

Qcs5430 Firmware by Qualcomm

View all CVEs affecting Qcs5430 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6125 Firmware by Qualcomm

View all CVEs affecting Qcs6125 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Qcs7230 Firmware by Qualcomm

View all CVEs affecting Qcs7230 Firmware →

Qcs8155 Firmware by Qualcomm

View all CVEs affecting Qcs8155 Firmware →

Qcs8250 Firmware by Qualcomm

View all CVEs affecting Qcs8250 Firmware →

Qcs8550 Firmware by Qualcomm

View all CVEs affecting Qcs8550 Firmware →

Qdu1000 Firmware by Qualcomm

View all CVEs affecting Qdu1000 Firmware →

Qdu1010 Firmware by Qualcomm

View all CVEs affecting Qdu1010 Firmware →

Qdu1110 Firmware by Qualcomm

View all CVEs affecting Qdu1110 Firmware →

Qdu1210 Firmware by Qualcomm

View all CVEs affecting Qdu1210 Firmware →

Qdx1010 Firmware by Qualcomm

View all CVEs affecting Qdx1010 Firmware →

Qdx1011 Firmware by Qualcomm

View all CVEs affecting Qdx1011 Firmware →

Qfw7114 Firmware by Qualcomm

View all CVEs affecting Qfw7114 Firmware →

Qfw7124 Firmware by Qualcomm

View all CVEs affecting Qfw7124 Firmware →

Qrb5165m Firmware by Qualcomm

View all CVEs affecting Qrb5165m Firmware →

Qrb5165n Firmware by Qualcomm

View all CVEs affecting Qrb5165n Firmware →

Qru1032 Firmware by Qualcomm

View all CVEs affecting Qru1032 Firmware →

Qru1052 Firmware by Qualcomm

View all CVEs affecting Qru1052 Firmware →

Qru1062 Firmware by Qualcomm

View all CVEs affecting Qru1062 Firmware →

Qsm8250 Firmware by Qualcomm

View all CVEs affecting Qsm8250 Firmware →

Qsm8350 Firmware by Qualcomm

View all CVEs affecting Qsm8350 Firmware →

Qts110 Firmware by Qualcomm

View all CVEs affecting Qts110 Firmware →

Robotics Rb3 Platform Firmware by Qualcomm

View all CVEs affecting Robotics Rb3 Platform Firmware →

Robotics Rb5 Platform Firmware by Qualcomm

View all CVEs affecting Robotics Rb5 Platform Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155 Firmware by Qualcomm

View all CVEs affecting Sa6155 Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155 Firmware by Qualcomm

View all CVEs affecting Sa8155 Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8255p Firmware by Qualcomm

View all CVEs affecting Sa8255p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sa8540p Firmware by Qualcomm

View all CVEs affecting Sa8540p Firmware →

Sa8770p Firmware by Qualcomm

View all CVEs affecting Sa8770p Firmware →

Sa8775p Firmware by Qualcomm

View all CVEs affecting Sa8775p Firmware →

Sa9000p Firmware by Qualcomm

View all CVEs affecting Sa9000p Firmware →

Sc8180x\+sdx55 Firmware by Qualcomm

View all CVEs affecting Sc8180x\+sdx55 Firmware →

Sc8380xp Firmware by Qualcomm

View all CVEs affecting Sc8380xp Firmware →

Sd 675 Firmware by Qualcomm

View all CVEs affecting Sd 675 Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd 8cx Firmware by Qualcomm

View all CVEs affecting Sd 8cx Firmware →

Sd460 Firmware by Qualcomm

View all CVEs affecting Sd460 Firmware →

Sd662 Firmware by Qualcomm

View all CVEs affecting Sd662 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd675 Firmware by Qualcomm

View all CVEs affecting Sd675 Firmware →

Sd730 Firmware by Qualcomm

View all CVEs affecting Sd730 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sdx55 Firmware by Qualcomm

View all CVEs affecting Sdx55 Firmware →

Sdx57m Firmware by Qualcomm

View all CVEs affecting Sdx57m Firmware →

Sdx65m Firmware by Qualcomm

View all CVEs affecting Sdx65m Firmware →

Sg4150p Firmware by Qualcomm

View all CVEs affecting Sg4150p Firmware →

Sg8275p Firmware by Qualcomm

View all CVEs affecting Sg8275p Firmware →

Sm4125 Firmware by Qualcomm

View all CVEs affecting Sm4125 Firmware →

Sm6250 Firmware by Qualcomm

View all CVEs affecting Sm6250 Firmware →

Sm6250p Firmware by Qualcomm

View all CVEs affecting Sm6250p Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Sm8550p Firmware by Qualcomm

View all CVEs affecting Sm8550p Firmware →

Smart Audio 400 Platform Firmware by Qualcomm

View all CVEs affecting Smart Audio 400 Platform Firmware →

Snapdragon 4 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 1 Mobile Platform Firmware →

Snapdragon 4 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 2 Mobile Platform Firmware →

Snapdragon 460 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 460 Mobile Platform Firmware →

Snapdragon 480 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →

Snapdragon 480 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →

Snapdragon 662 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 662 Mobile Platform Firmware →

Snapdragon 665 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 665 Mobile Platform Firmware →

Snapdragon 670 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 670 Mobile Platform Firmware →

Snapdragon 675 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 675 Mobile Platform Firmware →

Snapdragon 678 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 678 Mobile Platform Firmware →

Snapdragon 680 4g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 680 4g Mobile Platform Firmware →

Snapdragon 685 4g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 685 4g Mobile Platform Firmware →

Snapdragon 690 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 690 5g Mobile Platform Firmware →

Snapdragon 695 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 695 5g Mobile Platform Firmware →

Snapdragon 710 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 710 Mobile Platform Firmware →

Snapdragon 712 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 712 Mobile Platform Firmware →

Snapdragon 720g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 720g Mobile Platform Firmware →

Snapdragon 730 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 730 Mobile Platform Firmware →

Snapdragon 730g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 730g Mobile Platform Firmware →

Snapdragon 732g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 732g Mobile Platform Firmware →

Snapdragon 750g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 750g 5g Mobile Platform Firmware →

Snapdragon 765 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 765 5g Mobile Platform Firmware →

Snapdragon 765g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 765g 5g Mobile Platform Firmware →

Snapdragon 768g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 768g 5g Mobile Platform Firmware →

Snapdragon 778g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Platform Firmware →

Snapdragon 778g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Platform Firmware →

Snapdragon 780g 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 780g 5g Mobile Platform Firmware →

Snapdragon 782g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 782g Mobile Platform Firmware →

Snapdragon 7c Compute Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c Compute Platform Firmware →

Snapdragon 7c Gen 2 Compute Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c Gen 2 Compute Platform Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 1 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 2 Mobile Platform Firmware →

Snapdragon 845 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 845 Mobile Platform Firmware →

Snapdragon 850 Mobile Compute Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 850 Mobile Compute Platform Firmware →

Snapdragon 855 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 855 Mobile Platform Firmware →

Snapdragon 855\+\/860 Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 855\+\/860 Mobile Platform Firmware →

Snapdragon 865 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →

Snapdragon 865 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Platform Firmware →

Snapdragon 870 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Mobile Platform Firmware →

Snapdragon 888 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Platform Firmware →

Snapdragon 888 5g Mobile Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Platform Firmware →

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Ar2 Gen 1 Platform Firmware →

Snapdragon Auto 4g Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 4g Modem Firmware →

Snapdragon Auto 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →

Snapdragon Auto 5g Modem Rf Gen 2 Firmware by Qualcomm

View all CVEs affecting Snapdragon Auto 5g Modem Rf Gen 2 Firmware →

Snapdragon Sc8180x Aa Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180x Aa Firmware →

Snapdragon Sc8180x Ac Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180x Ac Firmware →

Snapdragon Sc8180x Ad Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180x Ad Firmware →

Snapdragon Sc8180xp Aa Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180xp Aa Firmware →

Snapdragon Sc8180xp Ac Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180xp Ac Firmware →

Snapdragon Sc8180xp Ad Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8180xp Ad Firmware →

Snapdragon Sc8280xp Ab Firmware by Qualcomm

View all CVEs affecting Snapdragon Sc8280xp Ab Firmware →

Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →

Snapdragon Wear 1300 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Wear 1300 Platform Firmware →

Snapdragon X24 Lte Modem Firmware by Qualcomm

View all CVEs affecting Snapdragon X24 Lte Modem Firmware →

Snapdragon X50 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →

Snapdragon X55 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf System Firmware →

Snapdragon X65 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X65 5g Modem Rf System Firmware →

Snapdragon X70 Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X70 Modem Rf System Firmware →

Snapdragon X75 5g Modem Rf System Firmware by Qualcomm

View all CVEs affecting Snapdragon X75 5g Modem Rf System Firmware →

Snapdragon Xr1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr1 Platform Firmware →

Snapdragon Xr2 5g Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Platform Firmware →

Snapdragon Xr2\+ Gen 1 Platform Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Platform Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1120 Firmware by Qualcomm

View all CVEs affecting Sxr1120 Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2130 Firmware by Qualcomm

View all CVEs affecting Sxr2130 Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Video Collaboration Vc5 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc5 Platform Firmware →

Vision Intelligence 300 Platform Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 300 Platform Firmware →

Vision Intelligence 400 Platform Firmware by Qualcomm

View all CVEs affecting Vision Intelligence 400 Platform Firmware →

Wcd9306 Firmware by Qualcomm

View all CVEs affecting Wcd9306 Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9360 Firmware by Qualcomm

View all CVEs affecting Wcd9360 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9371 Firmware by Qualcomm

View all CVEs affecting Wcd9371 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcd9390 Firmware by Qualcomm

View all CVEs affecting Wcd9390 Firmware →

Wcd9395 Firmware by Qualcomm

View all CVEs affecting Wcd9395 Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn3999 Firmware by Qualcomm

View all CVEs affecting Wcn3999 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

Wsa8840 Firmware by Qualcomm

View all CVEs affecting Wsa8840 Firmware →

Wsa8845 Firmware by Qualcomm

View all CVEs affecting Wsa8845 Firmware →

Wsa8845h Firmware by Qualcomm

View all CVEs affecting Wsa8845h Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the Trusted Execution Environment, allowing attackers to bypass hardware security protections, access encrypted data, and potentially gain persistent control over the device.

🟠

Likely Case

Local privilege escalation from a compromised Android application to TEE kernel level, allowing access to secure keys and protected operations.

🟢

If Mitigated

Limited impact if proper application sandboxing and TEE isolation are maintained, though TEE compromise remains serious.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires local code execution capability and detailed knowledge of TEE internals. No public exploits available as of advisory publication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm December 2023 security bulletin for specific chipset patches

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for your specific chipset. 2. Obtain firmware update from device manufacturer. 3. Apply security patch through standard Android update process. 4. Reboot device to complete installation.

🔧 Temporary Workarounds

Restrict TEE access

android

Limit which applications can access TEE services through Android permissions

🧯 If You Can't Patch

• Isolate devices from untrusted networks and users
• Implement application allowlisting to prevent untrusted apps from running

🔍 How to Verify

Check if Vulnerable:

Copy

Check Android security patch level - devices with December 2023 or later patches should be protected. Check Qualcomm chipset version against advisory.

Check Version:

Copy

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Copy

Verify Android security patch level includes December 2023 or later updates. Confirm TEE firmware version if accessible.

📡 Detection & Monitoring

Log Indicators:

• Unusual TEE service access patterns
• Failed TEE initialization attempts
• Unexpected process crashes in secure context

Network Indicators:

• None - this is a local vulnerability

SIEM Query:

Copy

Process monitoring for unusual TEE access patterns or privilege escalation attempts

📊 Metadata

CVE ID: CVE-2023-28585

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-680

Published: December 5, 2023

Last Updated: August 11, 2025

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-28585, you might also want to check these:

CVE-2020-13576 9.8

A remote code execution vulnerability exists in the WS-Addressing plugin of Genivia gSOAP 2.8.107. A...

Same vulnerability type (CWE-680)

CVE-2021-21783 9.8

This vulnerability allows remote code execution in Genivia gSOAP's WS-Addressing plugin. Attackers c...

Same vulnerability type (CWE-680)

CVE-2024-33078 9.8

CVE-2024-33078 is a critical buffer overflow vulnerability in Tencent Libpag v4.3 that allows remote...

Same vulnerability type (CWE-680)