CVE-2023-43534

Q: What is the severity of CVE-2023-43534?

CVE-2023-43534 has a CVSS score of 8.6 (HIGH). This vulnerability allows memory corruption when a Wi-Fi station connects to an access point due to improper validation of TID to Link Mapping action request frames. Attackers within Wi-Fi range could potentially execute arbitrary code or cause denial of service. Affects devices with vulnerable Qualcomm Wi-Fi chipsets.

8.6 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows memory corruption when a Wi-Fi station connects to an access point due to improper validation of TID to Link Mapping action request frames. Attackers within Wi-Fi range could potentially execute arbitrary code or cause denial of service. Affects devices with vulnerable Qualcomm Wi-Fi chipsets.

💻 Affected Systems

Products:

Qualcomm Wi-Fi chipsets and devices using them

Versions: Specific chipset firmware versions prior to February 2024 patches

Operating Systems: Android, Linux, and other OS using Qualcomm Wi-Fi drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices when Wi-Fi is enabled and connecting to networks. Exact product list requires checking Qualcomm's advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation

🟠

Likely Case

Denial of service (device crash/reboot) or limited memory corruption leading to instability

🟢

If Mitigated

Limited impact if network segmentation and access controls prevent attacker proximity

🌐 Internet-Facing: MEDIUM - Requires attacker to be within Wi-Fi range, but many devices are internet-facing

🏢 Internal Only: MEDIUM - Internal Wi-Fi networks could be compromised by malicious insiders or compromised devices

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires proximity to target's Wi-Fi network and knowledge of Wi-Fi frame manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates released in February 2024

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates. 2. Apply Qualcomm firmware updates. 3. Reboot device. 4. Verify Wi-Fi functionality.

🔧 Temporary Workarounds

Disable Wi-Fi when not needed

linux

Turn off Wi-Fi radio to prevent connection attempts

nmcli radio wifi off
ip link set wlan0 down

Use wired connections

all

Prefer Ethernet over Wi-Fi for critical systems

🧯 If You Can't Patch

Segment Wi-Fi networks and restrict access to trusted devices only
Implement network monitoring for abnormal Wi-Fi frame patterns

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm's patched versions list

Check Version:

Check device-specific commands (e.g., 'cat /proc/version' for Linux, device settings for Android)

Verify Fix Applied:

Verify firmware version has been updated to post-February 2024 release

📡 Detection & Monitoring

Log Indicators:

Wi-Fi driver crashes
Kernel panics related to Wi-Fi
Unexpected device reboots

Network Indicators:

Malformed TID to Link Mapping frames
Abnormal Wi-Fi connection attempts

SIEM Query:

source="wifi_logs" AND (event="driver_crash" OR event="kernel_panic")

📊 Metadata

CVE ID: CVE-2023-43534

CVSS v3 Score: 8.6 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE: CWE-823

Published: February 6, 2024

Last Updated: August 11, 2025

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6554a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcc2073 Firmware by Qualcomm

Qcc2076 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcs7230 Firmware by Qualcomm

Qcs8250 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Qfw7114 Firmware by Qualcomm

Qfw7124 Firmware by Qualcomm

Qrb5165n Firmware by Qualcomm

Robotics Rb5 Platform Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sa8255p Firmware by Qualcomm

Sa8650p Firmware by Qualcomm

Sa8770p Firmware by Qualcomm

Sa8775p Firmware by Qualcomm

Sa9000p Firmware by Qualcomm

Sm8550p Firmware by Qualcomm

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

Snapdragon 8 Gen 2 Mobile Platform Firmware by Qualcomm

Snapdragon Ar2 Gen 1 Platform Firmware by Qualcomm

Snapdragon X75 5g Modem Rf System Firmware by Qualcomm

Srv1h Firmware by Qualcomm

Srv1m Firmware by Qualcomm

Ssg2115p Firmware by Qualcomm

Ssg2125p Firmware by Qualcomm

Sxr1230p Firmware by Qualcomm

Sxr2230p Firmware by Qualcomm

Video Collaboration Vc5 Platform Firmware by Qualcomm

Wcd9340 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcd9390 Firmware by Qualcomm

Wcd9395 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8832 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm

Wsa8840 Firmware by Qualcomm

Wsa8845 Firmware by Qualcomm

Wsa8845h Firmware by Qualcomm