CVE-2023-43554

8.4 HIGH

📋 TL;DR

This vulnerability allows memory corruption through improper input validation in FastRPC's IOCTL handler. Attackers could potentially execute arbitrary code with kernel privileges on affected Qualcomm devices. This affects Android devices and other systems using Qualcomm chipsets.

💻 Affected Systems

Products:
  • Qualcomm chipsets with FastRPC implementation
Versions: Multiple Qualcomm chipset versions prior to July 2024 patches
Operating Systems: Android, Linux-based systems using Qualcomm chips
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with vulnerable Qualcomm drivers; exact device list varies by manufacturer implementation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full device compromise with kernel-level code execution, allowing complete control over the device, data theft, and persistence.

🟠 Likely Case: Local privilege escalation from user to kernel mode, enabling further system compromise and data access.

🟢 If Mitigated: Limited impact if proper kernel hardening, SELinux policies, and exploit mitigations are in place.

🌐 Internet-Facing: LOW (requires local access or app execution)
🏢 Internal Only: HIGH (local attackers or malicious apps can exploit)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access or ability to execute code; kernel exploitation adds complexity but is feasible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qualcomm July 2024 security bulletin patches

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates.
2. Apply Qualcomm July 2024 security patches.
3. Update Android security patch level to July 2024 or later.
4. Reboot device after update.

🔧 Temporary Workarounds

Restrict IOCTL access (Linux)

Limit access to FastRPC IOCTL interfaces through SELinux policies or kernel module restrictions

# Requires custom SELinux policy or kernel configuration

🧯 If You Can't Patch

  • Implement strict application sandboxing and privilege separation
  • Deploy runtime protection tools that detect kernel memory corruption attempts

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level (Settings > About phone > Android security patch level) - if before July 2024, likely vulnerable

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android security patch level is July 2024 or later and device manufacturer confirms Qualcomm patches applied
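
The patch-level check above, scripted for every device attached over adb. This is an added example, not part of the original advisory or Qualcomm's material; the function names, the `--adb` switch and the status strings are assumptions of the example. A `patch-level-ok` result only reflects the reported patch level string, so manufacturer confirmation that the Qualcomm patches are included is still required.

```shell
#!/bin/sh
# Added example: names below are this example's own, not from the advisory.
FIXED_MONTH=202407   # July 2024, the threshold stated on this page

# classify_patch_level LEVEL
# LEVEL is a value of ro.build.version.security_patch (YYYY-MM-DD).
# Prints patch-level-ok, likely-vulnerable, or unknown.
classify_patch_level() {
    # adb shell output may end in a carriage return; strip whitespace.
    cpl_level=$(printf '%s' "$1" | tr -d ' \r\n\t')
    case "$cpl_level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;   # empty, garbled, or adb error text
    esac
    cpl_ym=${cpl_level%-*}                    # YYYY-MM
    cpl_num="${cpl_ym%-*}${cpl_ym#*-}"        # YYYYMM
    if [ "$cpl_num" -ge "$FIXED_MONTH" ]; then
        echo patch-level-ok
    else
        echo likely-vulnerable
    fi
}

# Report serial, patch level and status for each attached device.
check_attached_devices() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # </dev/null keeps adb from consuming the rest of the serial list
        raw=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)
        printf '%s\t%s\t%s\n' "$serial" "$(printf '%s' "$raw" | tr -d '\r')" \
            "$(classify_patch_level "$raw")"
    done
}

# Only touch adb when asked to, so the functions can be sourced and tested.
if [ "${1:-}" = "--adb" ]; then
    check_attached_devices
fi
```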

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected IOCTL calls to FastRPC devices
  • SELinux denials for /dev/fastrpc

Network Indicators:

  • Not network exploitable - local only

SIEM Query:

source="kernel" AND ("panic" OR "oops") AND "fastrpc"
