CVE-2023-43529

Q: What is the severity of CVE-2023-43529?

CVE-2023-43529 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers to cause a denial-of-service condition in IKEv2 implementations by sending malformed fragment packets. It affects systems using Qualcomm's IKEv2 implementation, potentially disrupting VPN and secure communication services.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a denial-of-service condition in IKEv2 implementations by sending malformed fragment packets. It affects systems using Qualcomm's IKEv2 implementation, potentially disrupting VPN and secure communication services.

💻 Affected Systems

Products:

Qualcomm IKEv2 implementation

Versions: Specific versions not detailed in provided references; check Qualcomm May 2024 bulletin for exact affected versions

Operating Systems: Android, Embedded systems using Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with IKEv2 enabled; exact product list requires checking Qualcomm's detailed bulletin

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of IKEv2 services, causing VPN connections to drop and preventing new secure connections from being established.

🟠

Likely Case

Temporary service interruption affecting IKEv2 sessions, requiring service restart to restore functionality.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring in place to detect and block malicious traffic.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires sending specially crafted IKEv2 packets to vulnerable systems

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm May 2024 security bulletin for specific patched versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm May 2024 security bulletin for affected products. 2. Apply vendor-provided firmware updates. 3. Restart affected devices/services.

🔧 Temporary Workarounds

Network filtering

all

Block or filter IKEv2 traffic from untrusted sources using firewalls or network ACLs

Disable IKEv2 if not needed

all

Use alternative VPN protocols if IKEv2 functionality is not required

🧯 If You Can't Patch

Implement strict network segmentation to isolate IKEv2 services
Deploy intrusion detection/prevention systems to monitor for malformed IKEv2 packets

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm's affected version list in May 2024 bulletin

Check Version:

Device-specific; typically 'getprop ro.build.version' or similar on Android devices

Verify Fix Applied:

Verify firmware version has been updated to patched version specified in Qualcomm bulletin

📡 Detection & Monitoring

Log Indicators:

Unexpected IKEv2 connection drops
IKEv2 service crashes/restarts
Malformed packet warnings in network logs

Network Indicators:

Unusual IKEv2 traffic patterns
Spike in IKEv2 informational requests
Fragmented IKEv2 packets from single sources

SIEM Query:

Search for IKEv2 protocol anomalies or service disruption events in VPN/IKE logs

📊 Metadata

CVE ID: CVE-2023-43529

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

Published: May 6, 2024

Last Updated: August 11, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

315 5g Iot Modem Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm4490 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs4490 Firmware by Qualcomm

Qcs5430 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Qep8111 Firmware by Qualcomm

Qfw7114 Firmware by Qualcomm

Qfw7124 Firmware by Qualcomm

Sc8180x Aaab Firmware by Qualcomm

Sc8180x Acaf Firmware by Qualcomm

Sc8180x Ad Firmware by Qualcomm

Sc8180x\+sdx55 Firmware by Qualcomm

Sc8180xp Aaab Firmware by Qualcomm

Sc8180xp Acaf Firmware by Qualcomm

Sc8180xp Ad Firmware by Qualcomm

Sd 675 Firmware by Qualcomm

Sd675 Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd888 Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Sdx57m Firmware by Qualcomm

Sg4150p Firmware by Qualcomm

Sg8275p Firmware by Qualcomm

Sm6250 Firmware by Qualcomm

Sm6250p Firmware by Qualcomm

Sm7250p Firmware by Qualcomm

Sm7315 Firmware by Qualcomm

Sm7325p Firmware by Qualcomm

Sm8550p Firmware by Qualcomm