CVE-2023-21641

An app with non-privileged access can change global system brightness and cause undesired system behavior.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

12 Apr 2024, 17:16

Type	Values Removed	Values Added
CWE		CWE-264

11 Jul 2023, 13:45

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin - Patch, Vendor Advisory
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8155p:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:::::::* cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8195p:-:::::::* cpe:2.3:h:qualcomm:sa8145p:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6145p:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6155p:-:::::::* cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8150p:-:::::::* cpe:2.3:h:qualcomm:sa6150p:-:::::::*
First Time		Qualcomm sa8145p Firmware Qualcomm sa8145p Qualcomm qca6574au Qualcomm wsa8835 Firmware Qualcomm wsa8835 Qualcomm sa6145p Qualcomm sa6150p Qualcomm qca6696 Qualcomm wsa8830 Qualcomm sa8195p Firmware Qualcomm qca6696 Firmware Qualcomm sa8155p Qualcomm fastconnect 6900 Firmware Qualcomm sa8150p Qualcomm sa8195p Qualcomm wcd9380 Qualcomm snapdragon 8 Gen 1 Firmware Qualcomm sa6155p Firmware Qualcomm sa8155p Firmware Qualcomm wsa8830 Firmware Qualcomm fastconnect 6900 Qualcomm wcd9380 Firmware Qualcomm fastconnect 7800 Qualcomm qca6574au Firmware Qualcomm sa6145p Firmware Qualcomm sa6150p Firmware Qualcomm snapdragon 8 Gen 1 Qualcomm sa8150p Firmware Qualcomm Qualcomm fastconnect 7800 Firmware Qualcomm sa6155p

04 Jul 2023, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-07-04 05:15

Updated : 2024-04-12 17:16

NVD link : CVE-2023-21641

Mitre link : CVE-2023-21641

CVE.ORG link : CVE-2023-21641

JSON object : View

Products Affected

qualcomm

qca6696_firmware
fastconnect_6900_firmware
wcd9380
sa6150p_firmware
sa6150p
sa8195p
fastconnect_7800_firmware
sa6145p_firmware
fastconnect_6900
sa6155p
qca6574au_firmware
sa8155p_firmware
wsa8835_firmware
sa6155p_firmware
sa8150p
sa8150p_firmware
wsa8830_firmware
qca6574au
sa8145p
wsa8830
sa8145p_firmware
sa6145p
sa8195p_firmware
fastconnect_7800
wsa8835
snapdragon_8_gen_1_firmware
wcd9380_firmware
snapdragon_8_gen_1
qca6696
sa8155p

CWE

NVD-CWE-noinfo CWE-264

Permissions, Privileges, and Access Controls

7.8 /10