CVE-2023-43551

Q: What is the severity of CVE-2023-43551?

CVE-2023-43551 has a CVSS score of 9.1 (CRITICAL). This vulnerability allows a rogue LTE base station to bypass authentication during network attachment, enabling man-in-the-middle attacks. It affects mobile devices with Qualcomm chipsets that handle LTE connectivity. Attackers can intercept or manipulate cellular communications without proper authentication.

9.1 CRITICAL

Authentication Bypass

📋 TL;DR

This vulnerability allows a rogue LTE base station to bypass authentication during network attachment, enabling man-in-the-middle attacks. It affects mobile devices with Qualcomm chipsets that handle LTE connectivity. Attackers can intercept or manipulate cellular communications without proper authentication.

💻 Affected Systems

Products:

Qualcomm Snapdragon mobile platforms with LTE modems

Versions: Specific chipset versions not publicly detailed; refer to Qualcomm security bulletin for affected products.

Operating Systems: Android and other mobile OS using affected Qualcomm chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices during LTE network attachment; requires physical proximity to deploy rogue base station.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete interception of cellular communications including voice, SMS, and data traffic; potential for location tracking, call eavesdropping, and data theft.

🟠

Likely Case

Targeted attacks against specific devices in areas with rogue base stations; interception of unencrypted traffic and metadata collection.

🟢

If Mitigated

Limited impact if devices use additional encryption layers (like VPNs) and avoid untrusted networks; normal cellular security measures still apply.

🌐 Internet-Facing: HIGH - Cellular networks are inherently internet-facing; rogue base stations can be deployed in public areas.

🏢 Internal Only: LOW - This is a cellular network vulnerability, not typically affecting internal corporate networks directly.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires specialized equipment to deploy rogue LTE base station; technical knowledge of cellular protocols needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm security bulletin for specific chipset firmware updates.

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through OEM updates. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Use Wi-Fi Calling

all

Route cellular calls over Wi-Fi instead of vulnerable LTE networks when possible.

Enable VPN

all

Use VPN to encrypt all data traffic, providing additional protection against interception.

🧯 If You Can't Patch

Avoid using cellular data in high-risk areas; prefer trusted Wi-Fi networks.
Monitor for unusual cellular network behavior and unexpected base station switches.

🔍 How to Verify

Check if Vulnerable:

Check device specifications against Qualcomm's affected products list; verify chipset model and firmware version.

Check Version:

Android: Settings > About Phone > Baseband Version; iOS: Settings > General > About > Modem Firmware

Verify Fix Applied:

Confirm firmware version matches patched versions from manufacturer; check for security updates in device settings.

📡 Detection & Monitoring

Log Indicators:

Unexpected base station switches
Authentication failures during network attachment
Unusual cellular network registration patterns

Network Indicators:

Rogue LTE base stations with abnormal signal characteristics
Missing authentication handshake in network traces

SIEM Query:

Not typically applicable as this is cellular network layer vulnerability.

📊 Metadata

CVE ID: CVE-2023-43551

CVSS v3 Score: 9.1 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-287

Published: June 3, 2024

Last Updated: August 11, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

205 Mobile Firmware by Qualcomm

215 Mobile Firmware by Qualcomm

315 5g Iot Modem Firmware by Qualcomm

9205 Lte Modem Firmware by Qualcomm

9206 Lte Modem Firmware by Qualcomm

9207 Lte Modem Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8037 Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar6003 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

C V2x 9150 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Mdm8207 Firmware by Qualcomm

Mdm9205s Firmware by Qualcomm

Mdm9230 Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9330 Firmware by Qualcomm

Mdm9615 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Mdm9630 Firmware by Qualcomm

Mdm9640 Firmware by Qualcomm

Msm8108 Firmware by Qualcomm

Msm8209 Firmware by Qualcomm

Msm8608 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Qca4004 Firmware by Qualcomm

Qca6174 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584 Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm4490 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm