CVE-2023-33032
📋 TL;DR
This vulnerability allows memory corruption in the TrustZone Secure OS when requesting memory allocation from the Trusted Application region. It affects Qualcomm chipsets with TrustZone technology, potentially enabling attackers to execute arbitrary code in the secure environment. This impacts mobile devices, IoT devices, and embedded systems using affected Qualcomm hardware.
💻 Affected Systems
- Qualcomm chipsets with TrustZone technology
📦 What is this software?
Smart Audio 400 Platform Firmware by Qualcomm
Snapdragon 665 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 665 Mobile Platform Firmware →
Snapdragon 675 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 675 Mobile Platform Firmware →
Snapdragon 678 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 678 Mobile Platform Firmware →
Snapdragon 720g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 720g Mobile Platform Firmware →
Snapdragon 730 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 730 Mobile Platform Firmware →
Snapdragon 730g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 730g Mobile Platform Firmware →
Snapdragon 732g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 732g Mobile Platform Firmware →
Snapdragon 7c Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 7c Compute Platform Firmware →
Snapdragon 7c Gen 2 Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 7c Gen 2 Compute Platform Firmware →
Snapdragon 855 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 855 Mobile Platform Firmware →
Snapdragon 855\+\/860 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 855\+\/860 Mobile Platform Firmware →
Snapdragon 8c Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8c Compute Platform Firmware →
Snapdragon 8c Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8c Compute Platform Firmware →
Snapdragon 8cx Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Compute Platform Firmware →
Snapdragon 8cx Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Compute Platform Firmware →
Snapdragon 8cx Gen 2 5g Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform Firmware →
Snapdragon 8cx Gen 2 5g Compute Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Gen 2 5g Compute Platform Firmware →
Snapdragon Auto 4g Modem Firmware by Qualcomm
Snapdragon Auto 5g Modem Rf Firmware by Qualcomm
View all CVEs affecting Snapdragon Auto 5g Modem Rf Firmware →
Snapdragon Wear 1300 Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon Wear 1300 Platform Firmware →
Snapdragon X24 Lte Modem Firmware by Qualcomm
Snapdragon X50 5g Modem Rf System Firmware by Qualcomm
View all CVEs affecting Snapdragon X50 5g Modem Rf System Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the TrustZone secure environment, allowing attackers to bypass hardware security features, extract encryption keys, manipulate secure boot, and gain persistent root access to the device.
Likely Case
Privilege escalation from Android/Linux userland to TrustZone secure world, enabling extraction of sensitive data like biometric templates, payment credentials, and DRM keys.
If Mitigated
Limited impact if devices have proper memory isolation and exploit mitigations, though TrustZone compromise remains serious.
🎯 Exploit Status
Exploitation requires local access and knowledge of TrustZone internals. No public exploits known as of January 2024.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: January 2024 security patches from Qualcomm
Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
Restart Required: Yes
Instructions:
1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm January 2024 security patches. 3. Update device firmware through official channels. 4. Reboot device after update.
🔧 Temporary Workarounds
Restrict TrustZone access
androidLimit which applications can interact with TrustZone services
Enhanced monitoring
allMonitor for unusual TrustZone service calls or memory allocation patterns
🧯 If You Can't Patch
- Isolate affected devices from untrusted networks
- Implement strict application whitelisting to prevent malicious code execution
🔍 How to Verify
Check if Vulnerable:
Check device firmware version against Qualcomm's patched versions list. Use 'getprop ro.build.fingerprint' on Android to check build date.Check Version:
On Android: adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify firmware version includes January 2024 or later security patches. Check with device manufacturer for specific patch verification.📡 Detection & Monitoring
Log Indicators:
- Unusual TrustZone service calls
- Memory allocation failures in secure world
- Unexpected secure world crashes
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Search for TrustZone-related error codes or secure world exceptions in device logs