{"id":11271,"date":"2025-03-26T17:28:40","date_gmt":"2025-03-26T17:28:40","guid":{"rendered":""},"modified":"2025-05-06T01:13:20","modified_gmt":"2025-05-06T01:13:20","slug":"cve-2023-33025-critical-buffer-overflow-vulnerability-in-qualcomm-modems","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-33025-critical-buffer-overflow-vulnerability-in-qualcomm-modems\/","title":{"rendered":"CVE-2023-33025: Critical Buffer Overflow Vulnerability in Qualcomm Modems"},"content":{"rendered":"<p class=\"\" data-start=\"79\" data-end=\"104\"><strong data-start=\"79\" data-end=\"104\">Vulnerability Summary<\/strong><\/p>\n<ul data-start=\"106\" data-end=\"717\">\n<li class=\"\" data-start=\"106\" data-end=\"201\">\n<p class=\"\" data-start=\"108\" data-end=\"201\"><strong data-start=\"108\" data-end=\"119\">CVE ID:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2023-33025<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"202\" data-end=\"299\">\n<p class=\"\" data-start=\"204\" data-end=\"299\"><strong data-start=\"204\" data-end=\"217\">Severity:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Critical (CVSS 3.1 Score: 9.8)<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"300\" data-end=\"402\">\n<p class=\"\" data-start=\"302\" data-end=\"402\"><strong data-start=\"302\" data-end=\"320\">Attack Vector:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Network<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"403\" data-end=\"511\">\n<p class=\"\" data-start=\"405\" data-end=\"511\"><strong data-start=\"405\" data-end=\"429\">Privileges Required:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 
ease-in-out\">None<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"512\" data-end=\"617\">\n<p class=\"\" data-start=\"514\" data-end=\"617\"><strong data-start=\"514\" data-end=\"535\">User Interaction:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">None<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"618\" data-end=\"717\">\n<p class=\"\" data-start=\"620\" data-end=\"717\"><strong data-start=\"620\" data-end=\"631\">Impact:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-29048-remote-code-execution-via-oxmf-template-injection-in-open-xchange-app-suite\/\"  data-wpil-monitor-id=\"24567\">Remote Code Execution<\/a> (RCE)<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"719\" data-end=\"924\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2023-33025 is a critical buffer overflow vulnerability in Qualcomm&#8217;s data <a class=\"wpil_keyword_link\" href=\"https:\/\/www.ameeba.com\"   title=\"modem\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24371\">modem<\/a> component.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The flaw arises when a non-standard Session Description Protocol (SDP) body is processed during a Voice over LTE (VoLTE) call, leading to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47994-a-deep-dive-into-the-critical-memory-corruption-vulnerability\/\"  data-wpil-monitor-id=\"25565\">memory corruption<\/a>.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Exploitation of this <a 
href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6140-arbitrary-file-upload-vulnerability-in-essential-real-estate-wordpress-plugin\/\"  data-wpil-monitor-id=\"24589\">vulnerability could allow an unauthenticated attacker to execute arbitrary<\/a> code on the affected device.<\/span> \u200b<\/p>\n<p class=\"\" data-start=\"926\" data-end=\"947\"><strong data-start=\"926\" data-end=\"947\">Affected Products<\/strong><\/p>\n<p class=\"\" data-start=\"949\" data-end=\"1034\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">This <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2328-arbitrary-file-deletion-vulnerability-in-drag-and-drop-multiple-file-upload-for-contact-form-7-plugin\/\"  data-wpil-monitor-id=\"29565\">vulnerability affects multiple<\/a> Qualcomm chipsets, including:<\/span>\u200b<\/p>\n<ul data-start=\"1036\" data-end=\"1387\">\n<li class=\"\" data-start=\"1036\" data-end=\"1123\">\n<p class=\"\" data-start=\"1038\" data-end=\"1123\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Snapdragon 680<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1124\" data-end=\"1211\">\n<p class=\"\" data-start=\"1126\" data-end=\"1211\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Snapdragon 685<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1212\" data-end=\"1299\">\n<p class=\"\" data-start=\"1214\" data-end=\"1299\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Snapdragon X65 5G Modem<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1300\" data-end=\"1387\">\n<p class=\"\" data-start=\"1302\" data-end=\"1387\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Snapdragon X70 Modem RF 
Systems<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"1389\" data-end=\"1514\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">These chipsets are used in various devices from manufacturers such as Samsung, Motorola, and Huawei.<\/span><\/p>\n<p class=\"\" data-start=\"1516\" data-end=\"1540\"><strong data-start=\"1516\" data-end=\"1540\"><a href=\"https:\/\/www.ameeba.com\/blog\/microsoft-s-recent-patch-a-detailed-analysis-of-the-126-flaws-and-the-actively-exploited-windows-clfs-vulnerability\/\"  data-wpil-monitor-id=\"26162\">Exploitation Details<\/a><\/strong><\/p>\n<p class=\"\" data-start=\"1542\" data-end=\"1747\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">An attacker could <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47992-critical-buffer-overflow-vulnerability-exploit-in-freeimage-library\/\"  data-wpil-monitor-id=\"25573\">exploit this vulnerability<\/a> by sending a specially crafted VoLTE call containing a malformed SDP body.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">When the target device processes this call, the malformed SDP can trigger a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6528-buffer-overflow-vulnerability-in-abc-data-handler\/\"  data-wpil-monitor-id=\"24482\">buffer overflow<\/a> in the modem&#8217;s memory, potentially allowing the attacker to execute arbitrary code.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">However, successful exploitation would likely require the attacker to have <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-49647-an-in-depth-look-at-the-zoom-desktop-client-improper-access-control-vulnerability\/\"  data-wpil-monitor-id=\"26927\">control over or access<\/a> to the LTE network 
infrastructure.<\/span> \u200b<\/p>\n<p class=\"\" data-start=\"1749\" data-end=\"1779\"><strong data-start=\"1749\" data-end=\"1779\">Mitigation Recommendations<\/strong><\/p>\n<ul data-start=\"1781\" data-end=\"2189\">\n<li class=\"\" data-start=\"1781\" data-end=\"1967\">\n<p class=\"\" data-start=\"1783\" data-end=\"1967\"><strong data-start=\"1783\" data-end=\"1801\">Apply Patches:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Qualcomm has <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-34028-path-traversal-vulnerability-in-commvault-command-center-innovation-release-11-38\/\"  data-wpil-monitor-id=\"39818\">released patches to address this vulnerability<\/a>.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Device manufacturers have been provided with these patches and are expected to distribute them through firmware updates.<\/span> \u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1968\" data-end=\"2075\">\n<p class=\"\" data-start=\"1970\" data-end=\"2075\"><strong data-start=\"1970\" data-end=\"1989\">Update Devices:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/www.ameeba.com\/blog\/unmasking-the-latest-google-user-scams-a-deep-dive-into-cybersecurity-threats-and-mitigation\/\"  data-wpil-monitor-id=\"39819\">Users should ensure their devices are updated to the latest<\/a> firmware versions provided by their device manufacturers.<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"2076\" data-end=\"2189\">\n<p class=\"\" data-start=\"2078\" data-end=\"2189\"><strong data-start=\"2078\" data-end=\"2103\">Use Trusted Networks:<\/strong> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Avoid connecting to untrusted or unknown LTE networks, as 
<a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-52073-critical-buffer-overflow-exploit-in-network-security-systems\/\"  data-wpil-monitor-id=\"25326\">exploitation may require control over the network<\/a> infrastructure.<\/span>\u200b<\/p>\n<\/li>\n<\/ul>\n<p class=\"\" data-start=\"2191\" data-end=\"2205\"><strong data-start=\"2191\" data-end=\"2205\">Conclusion<\/strong><\/p>\n<p class=\"\" data-start=\"2207\" data-end=\"2332\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2023-33025 poses a <a href=\"https:\/\/www.ameeba.com\/blog\/biden-administration-s-cybersecurity-executive-order-a-significant-shift-in-national-cybersecurity-policy\/\"  data-wpil-monitor-id=\"24483\">significant risk due to its potential for remote code execution<\/a> without user interaction.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Given the severity and the wide range of affected devices, it is crucial for users and organizations to apply the necessary updates promptly and follow best practices to mitigate potential exploitation.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"2334\" data-end=\"2348\"><strong data-start=\"2334\" data-end=\"2348\">References<\/strong><\/p>\n<ul data-start=\"2350\" data-end=\"2701\">\n<li class=\"\" data-start=\"2350\" data-end=\"2437\">\n<p class=\"\" data-start=\"2352\" data-end=\"2437\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33025\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"0\" data-end=\"71\" data-is-last-node=\"\" data-is-only-node=\"\">NVD \u2013 CVE-2023-33025<\/a><\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"2438\" data-end=\"2525\">\n<p class=\"\" data-start=\"2440\" data-end=\"2525\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px 
py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/january-2024-bulletin\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"0\" data-end=\"124\" data-is-last-node=\"\" data-is-only-node=\"\">Qualcomm January 2024\u00a0<\/a><\/span><\/p>\n<\/li>\n<li class=\"\" data-start=\"2526\" data-end=\"2613\">\n<p class=\"\" data-start=\"2528\" data-end=\"2613\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/www.scworld.com\/news\/qualcomm-chip-vulnerability-enables-remote-attack-by-voice-call\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"0\" data-end=\"129\" data-is-last-node=\"\" data-is-only-node=\"\">SC Media Report on CVE-2023-33025<\/a><\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"2614\" data-end=\"2701\">\n<p class=\"\" data-start=\"2616\" data-end=\"2701\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\"><a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2024-01-01\" target=\"_new\" rel=\"noopener noreferrer\" data-start=\"0\" data-end=\"104\" data-is-last-node=\"\" data-is-only-node=\"\">Android Security Bulletin \u2013 January 2024<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Summary CVE ID: CVE-2023-33025\u200b Severity: Critical (CVSS 3.1 Score: 9.8)\u200b Attack Vector: Network\u200b Privileges Required: None\u200b User Interaction: None\u200b Impact: Remote Code Execution (RCE)\u200b CVE-2023-33025 is a critical buffer overflow vulnerability in Qualcomm&#8217;s data modem component. 
The flaw arises when a non-standard Session Description Protocol (SDP) body is processed during a Voice over LTE [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[91],"product":[],"attack_vector":[86,80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-11271","post","type-post","status-publish","format-standard","hentry","category-uncategorized","vendor-google","attack_vector-buffer-overflow","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/11271","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=11271"}],"version-history":[{"count":20,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/11271\/revisions"}],"predecessor-version":[{"id":35175,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/11271\/revisions\/35175"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=11271"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=11271"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=11271"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=11271"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=11271"},{"taxonomy":"attack_
vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=11271"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=11271"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=11271"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=11271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}