CVE-2023-28548

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 5, 2023

Updated: Apr 12, 2024

CWE ID 129

Summary

CVE-2023-28548 is a memory corruption vulnerability affecting the WLAN HAL (Wireless Local Area Network Hardware Abstraction Layer) during the processing of Tx/Rx commands from QDART (Qualcomm Atheros Device Driver). This issue can lead to unintended memory manipulation and, potentially, arbitrary code execution with kernel-level privileges. Exploitation of this vulnerability may result in serious security consequences, including data theft or denial-of-service attacks. It is recommended that affected systems are updated with the appropriate software patches to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sjpgxr
https://www.cve.org/CVERecord?id=CVE-2023-28548
https://nvd.nist.gov/vuln/detail/CVE-2023-28548

Back to Vulnerability Database

CVE-2023-28548

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations