Is CVE-2023-21643 actively exploited?

CVE-2023-21643 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2023-21643?

CVE-2023-21643 has a CVSS score of 9.1 (CRITICAL severity). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L.

How do I patch CVE-2023-21643?

Patch guidance is available from qualcomm security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2023-21643.

Fix CVE-2023-21643 - CRITICAL qualcomm apq8064au firmware

Q: Which products are affected by CVE-2023-21643?

24 products: qualcomm apq8064au firmware, qualcomm apq8096au firmware, qualcomm msm8996au firmware, qualcomm qam8295p firmware, qualcomm qca6564a firmware, and 19 more.

Description

Memory corruption due to untrusted pointer dereference in automotive during system call.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
Attack Vector: network
Complexity: low
Privileges: low
User Action: none
Scope: changed
Confidentiality: low
Integrity: high
Availability: low
Weaknesses: CWE-822 CWE-787 · Out-of-bounds Write

Metadata

Primary Vendor: QUALCOMM
Published: 8/8/2023
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

qualcomm : apq8064au_firmwarequalcomm : apq8096au_firmwarequalcomm : msm8996au_firmwarequalcomm : qam8295p_firmwarequalcomm : qca6564a_firmwarequalcomm : qca6564au_firmwarequalcomm : qca6574a_firmwarequalcomm : qca6574au_firmwarequalcomm : qca6584au_firmwarequalcomm : qca6595_firmwarequalcomm : qca6595au_firmwarequalcomm : qca6696_firmwarequalcomm : sa6145p_firmwarequalcomm : sa6150p_firmwarequalcomm : sa6155_firmwarequalcomm : sa6155p_firmwarequalcomm : sa8145p_firmwarequalcomm : sa8150p_firmwarequalcomm : sa8155_firmwarequalcomm : sa8155p_firmwarequalcomm : sa8195p_firmwarequalcomm : sa8295p_firmwarequalcomm : sa8540p_firmwarequalcomm : sa9000p_firmware

Remediation Guidance

Executive Summary

Cite this page

CVE-2023-21643. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2023-21643

View on NIST NVD

CVE-2023-21643 vulnerability