CVE-2023-43548

7.3 HIGH

Buffer Overflow

📋 TL;DR

This vulnerability allows memory corruption when parsing QCP audio files with invalid chunk data sizes. Attackers could potentially execute arbitrary code or cause denial of service by tricking users into opening malicious QCP files. This affects Qualcomm chipsets and devices using vulnerable multimedia processing components.

💻 Affected Systems

Products:

• Qualcomm chipsets with multimedia processing capabilities

Versions: Multiple Qualcomm chipset versions prior to March 2024 security updates

Operating Systems: Android, Linux-based systems using Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using Qualcomm's multimedia framework for QCP file processing

📦 What is this software?

Aqt1000 Firmware by Qualcomm

View all CVEs affecting Aqt1000 Firmware →

Fastconnect 6200 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6200 Firmware →

Fastconnect 6700 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6700 Firmware →

Fastconnect 6800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6800 Firmware →

Fastconnect 6900 Firmware by Qualcomm

View all CVEs affecting Fastconnect 6900 Firmware →

Fastconnect 7800 Firmware by Qualcomm

View all CVEs affecting Fastconnect 7800 Firmware →

Qam8255p Firmware by Qualcomm

View all CVEs affecting Qam8255p Firmware →

Qam8295p Firmware by Qualcomm

View all CVEs affecting Qam8295p Firmware →

Qam8650p Firmware by Qualcomm

View all CVEs affecting Qam8650p Firmware →

Qam8775p Firmware by Qualcomm

View all CVEs affecting Qam8775p Firmware →

Qamsrv1h Firmware by Qualcomm

View all CVEs affecting Qamsrv1h Firmware →

Qamsrv1m Firmware by Qualcomm

View all CVEs affecting Qamsrv1m Firmware →

Qca6310 Firmware by Qualcomm

View all CVEs affecting Qca6310 Firmware →

Qca6320 Firmware by Qualcomm

View all CVEs affecting Qca6320 Firmware →

Qca6391 Firmware by Qualcomm

View all CVEs affecting Qca6391 Firmware →

Qca6420 Firmware by Qualcomm

View all CVEs affecting Qca6420 Firmware →

Qca6430 Firmware by Qualcomm

View all CVEs affecting Qca6430 Firmware →

Qca6574 Firmware by Qualcomm

View all CVEs affecting Qca6574 Firmware →

Qca6574a Firmware by Qualcomm

View all CVEs affecting Qca6574a Firmware →

Qca6574au Firmware by Qualcomm

View all CVEs affecting Qca6574au Firmware →

Qca6595 Firmware by Qualcomm

View all CVEs affecting Qca6595 Firmware →

Qca6595au Firmware by Qualcomm

View all CVEs affecting Qca6595au Firmware →

Qca6678aq Firmware by Qualcomm

View all CVEs affecting Qca6678aq Firmware →

Qca6696 Firmware by Qualcomm

View all CVEs affecting Qca6696 Firmware →

Qca6698aq Firmware by Qualcomm

View all CVEs affecting Qca6698aq Firmware →

Qcm2290 Firmware by Qualcomm

View all CVEs affecting Qcm2290 Firmware →

Qcm4290 Firmware by Qualcomm

View all CVEs affecting Qcm4290 Firmware →

Qcm4490 Firmware by Qualcomm

View all CVEs affecting Qcm4490 Firmware →

Qcm6490 Firmware by Qualcomm

View all CVEs affecting Qcm6490 Firmware →

Qcn7606 Firmware by Qualcomm

View all CVEs affecting Qcn7606 Firmware →

Qcs2290 Firmware by Qualcomm

View all CVEs affecting Qcs2290 Firmware →

Qcs410 Firmware by Qualcomm

View all CVEs affecting Qcs410 Firmware →

Qcs4290 Firmware by Qualcomm

View all CVEs affecting Qcs4290 Firmware →

Qcs4490 Firmware by Qualcomm

View all CVEs affecting Qcs4490 Firmware →

Qcs610 Firmware by Qualcomm

View all CVEs affecting Qcs610 Firmware →

Qcs6490 Firmware by Qualcomm

View all CVEs affecting Qcs6490 Firmware →

Sa4150p Firmware by Qualcomm

View all CVEs affecting Sa4150p Firmware →

Sa4155p Firmware by Qualcomm

View all CVEs affecting Sa4155p Firmware →

Sa6145p Firmware by Qualcomm

View all CVEs affecting Sa6145p Firmware →

Sa6150p Firmware by Qualcomm

View all CVEs affecting Sa6150p Firmware →

Sa6155p Firmware by Qualcomm

View all CVEs affecting Sa6155p Firmware →

Sa8145p Firmware by Qualcomm

View all CVEs affecting Sa8145p Firmware →

Sa8150p Firmware by Qualcomm

View all CVEs affecting Sa8150p Firmware →

Sa8155p Firmware by Qualcomm

View all CVEs affecting Sa8155p Firmware →

Sa8195p Firmware by Qualcomm

View all CVEs affecting Sa8195p Firmware →

Sa8255p Firmware by Qualcomm

View all CVEs affecting Sa8255p Firmware →

Sa8295p Firmware by Qualcomm

View all CVEs affecting Sa8295p Firmware →

Sa8650p Firmware by Qualcomm

View all CVEs affecting Sa8650p Firmware →

Sa8770p Firmware by Qualcomm

View all CVEs affecting Sa8770p Firmware →

Sa8775p Firmware by Qualcomm

View all CVEs affecting Sa8775p Firmware →

Sa9000p Firmware by Qualcomm

View all CVEs affecting Sa9000p Firmware →

Sd 8 Gen1 5g Firmware by Qualcomm

View all CVEs affecting Sd 8 Gen1 5g Firmware →

Sd660 Firmware by Qualcomm

View all CVEs affecting Sd660 Firmware →

Sd670 Firmware by Qualcomm

View all CVEs affecting Sd670 Firmware →

Sd730 Firmware by Qualcomm

View all CVEs affecting Sd730 Firmware →

Sd835 Firmware by Qualcomm

View all CVEs affecting Sd835 Firmware →

Sd855 Firmware by Qualcomm

View all CVEs affecting Sd855 Firmware →

Sd865 5g Firmware by Qualcomm

View all CVEs affecting Sd865 5g Firmware →

Sd888 Firmware by Qualcomm

View all CVEs affecting Sd888 Firmware →

Sm6250 Firmware by Qualcomm

View all CVEs affecting Sm6250 Firmware →

Sm7250p Firmware by Qualcomm

View all CVEs affecting Sm7250p Firmware →

Sm7315 Firmware by Qualcomm

View all CVEs affecting Sm7315 Firmware →

Sm7325p Firmware by Qualcomm

View all CVEs affecting Sm7325p Firmware →

Snapdragon 4 Gen 1 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 1 Mobile Firmware →

Snapdragon 4 Gen 2 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 4 Gen 2 Mobile Firmware →

Snapdragon 460 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 460 Mobile Firmware →

Snapdragon 480 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Firmware →

Snapdragon 480 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 480 5g Mobile Firmware →

Snapdragon 660 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 660 Mobile Firmware →

Snapdragon 662 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 662 Mobile Firmware →

Snapdragon 665 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 665 Mobile Firmware →

Snapdragon 670 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 670 Mobile Firmware →

Snapdragon 675 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 675 Mobile Firmware →

Snapdragon 678 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 678 Mobile Firmware →

Snapdragon 680 4g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 680 4g Mobile Firmware →

Snapdragon 685 4g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 685 4g Mobile Firmware →

Snapdragon 690 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 690 5g Mobile Firmware →

Snapdragon 695 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 695 5g Mobile Firmware →

Snapdragon 710 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 710 Mobile Firmware →

Snapdragon 720g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 720g Mobile Firmware →

Snapdragon 730 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 730 Mobile Firmware →

Snapdragon 730g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 730g Mobile Firmware →

Snapdragon 732g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 732g Mobile Firmware →

Snapdragon 765 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 765 5g Mobile Firmware →

Snapdragon 765g 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 765g 5g Mobile Firmware →

Snapdragon 768g 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 768g 5g Mobile Firmware →

Snapdragon 778g 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Firmware →

Snapdragon 778g 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 778g 5g Mobile Firmware →

Snapdragon 780g 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 780g 5g Mobile Firmware →

Snapdragon 782g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 782g Mobile Firmware →

Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm

View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →

Snapdragon 8 Gen 1 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Firmware →

Snapdragon 8 Gen 1 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 8 Gen 1 Mobile Firmware →

Snapdragon 835 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 835 Mobile Firmware →

Snapdragon 845 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 845 Mobile Firmware →

Snapdragon 855 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 855 Mobile Firmware →

Snapdragon 855 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 855 Mobile Firmware →

Snapdragon 860 Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 860 Mobile Firmware →

Snapdragon 865 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Firmware →

Snapdragon 865 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 865 5g Mobile Firmware →

Snapdragon 870 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 870 5g Mobile Firmware →

Snapdragon 888 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Firmware →

Snapdragon 888 5g Mobile Firmware by Qualcomm

View all CVEs affecting Snapdragon 888 5g Mobile Firmware →

Snapdragon W5\+ Gen 1 Wearable Firmware by Qualcomm

View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Firmware →

Snapdragon Wear 4100\+ Firmware by Qualcomm

View all CVEs affecting Snapdragon Wear 4100\+ Firmware →

Snapdragon X55 5g Modem Rf Firmware by Qualcomm

View all CVEs affecting Snapdragon X55 5g Modem Rf Firmware →

Snapdragon Xr1 Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr1 Firmware →

Snapdragon Xr2 5g Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2 5g Firmware →

Snapdragon Xr2\+ Gen 1 Firmware by Qualcomm

View all CVEs affecting Snapdragon Xr2\+ Gen 1 Firmware →

Srv1h Firmware by Qualcomm

View all CVEs affecting Srv1h Firmware →

Srv1m Firmware by Qualcomm

View all CVEs affecting Srv1m Firmware →

Ssg2115p Firmware by Qualcomm

View all CVEs affecting Ssg2115p Firmware →

Ssg2125p Firmware by Qualcomm

View all CVEs affecting Ssg2125p Firmware →

Sw5100 Firmware by Qualcomm

View all CVEs affecting Sw5100 Firmware →

Sw5100p Firmware by Qualcomm

View all CVEs affecting Sw5100p Firmware →

Sxr1120 Firmware by Qualcomm

View all CVEs affecting Sxr1120 Firmware →

Sxr1230p Firmware by Qualcomm

View all CVEs affecting Sxr1230p Firmware →

Sxr2230p Firmware by Qualcomm

View all CVEs affecting Sxr2230p Firmware →

Video Collaboration Vc1 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc1 Platform Firmware →

Video Collaboration Vc3 Platform Firmware by Qualcomm

View all CVEs affecting Video Collaboration Vc3 Platform Firmware →

Wcd9326 Firmware by Qualcomm

View all CVEs affecting Wcd9326 Firmware →

Wcd9335 Firmware by Qualcomm

View all CVEs affecting Wcd9335 Firmware →

Wcd9340 Firmware by Qualcomm

View all CVEs affecting Wcd9340 Firmware →

Wcd9341 Firmware by Qualcomm

View all CVEs affecting Wcd9341 Firmware →

Wcd9370 Firmware by Qualcomm

View all CVEs affecting Wcd9370 Firmware →

Wcd9375 Firmware by Qualcomm

View all CVEs affecting Wcd9375 Firmware →

Wcd9380 Firmware by Qualcomm

View all CVEs affecting Wcd9380 Firmware →

Wcd9385 Firmware by Qualcomm

View all CVEs affecting Wcd9385 Firmware →

Wcn3610 Firmware by Qualcomm

View all CVEs affecting Wcn3610 Firmware →

Wcn3660b Firmware by Qualcomm

View all CVEs affecting Wcn3660b Firmware →

Wcn3680b Firmware by Qualcomm

View all CVEs affecting Wcn3680b Firmware →

Wcn3910 Firmware by Qualcomm

View all CVEs affecting Wcn3910 Firmware →

Wcn3950 Firmware by Qualcomm

View all CVEs affecting Wcn3950 Firmware →

Wcn3980 Firmware by Qualcomm

View all CVEs affecting Wcn3980 Firmware →

Wcn3988 Firmware by Qualcomm

View all CVEs affecting Wcn3988 Firmware →

Wcn3990 Firmware by Qualcomm

View all CVEs affecting Wcn3990 Firmware →

Wcn6740 Firmware by Qualcomm

View all CVEs affecting Wcn6740 Firmware →

Wsa8810 Firmware by Qualcomm

View all CVEs affecting Wsa8810 Firmware →

Wsa8815 Firmware by Qualcomm

View all CVEs affecting Wsa8815 Firmware →

Wsa8830 Firmware by Qualcomm

View all CVEs affecting Wsa8830 Firmware →

Wsa8832 Firmware by Qualcomm

View all CVEs affecting Wsa8832 Firmware →

Wsa8835 Firmware by Qualcomm

View all CVEs affecting Wsa8835 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Application crash or denial of service affecting multimedia playback functionality.

🟢

If Mitigated

Limited impact with proper sandboxing and memory protection mechanisms in place.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction to open malicious QCP file

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: March 2024 Qualcomm security updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for available security updates. 2. Apply March 2024 or later Qualcomm security patches. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Disable QCP file processing

all

Block or disable QCP file handling in affected applications

Application sandboxing

linux

Run multimedia applications with reduced privileges and memory protections

🧯 If You Can't Patch

• Implement application whitelisting to prevent unauthorized QCP file execution
• Deploy network filtering to block QCP files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Copy

Check device security patch level - if before March 2024, likely vulnerable

Check Version:

Copy

On Android: Settings > About phone > Android security patch level

Verify Fix Applied:

Copy

Verify security patch level shows March 2024 or later Qualcomm updates

📡 Detection & Monitoring

Log Indicators:

• Application crashes during QCP file processing
• Memory access violation errors in system logs

Network Indicators:

• Unexpected QCP file downloads from untrusted sources

SIEM Query:

Copy

source="*kernel*" AND ("segmentation fault" OR "memory corruption") AND "qcp"

📊 Metadata

CVE ID: CVE-2023-43548

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-120

Published: March 4, 2024

Last Updated: August 11, 2025

🔗 References

• https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin Vendor Advisory
• https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-43548, you might also want to check these:

CVE-2023-24482 10.0

This CVE describes a critical buffer overflow vulnerability in COMOS software's cache validation ser...

Same vulnerability type (CWE-120)

CVE-2024-22039 10.0

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privi...

Same vulnerability type (CWE-120)

CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with netw...

Same vulnerability type (CWE-120)