Qualcomm Snapdragon X65 5g Modem-rf Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Snapdragon X65 5g Modem-rf Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2023-33115 — CVSS 7.8 (high): Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-43542 — CVSS 7.8 (high): Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
CVE-2024-21475 — CVSS 7.8 (high): Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-45571 — CVSS 7.8 (high): Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2025-21453 — CVSS 7.8 (high): Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2025-21468 — CVSS 7.8 (high): Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character…
CVE-2023-33086 — CVSS 7.5 (high): Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.
CVE-2023-43539 — CVSS 7.5 (high): Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
CVE-2023-43529 — CVSS 7.5 (high): Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2023-33105 — CVSS 7.5 (high): Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence…
CVE-2025-21446 — CVSS 7.5 (high): Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
CVE-2024-23363 — CVSS 7.5 (high): Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
CVE-2023-33100 — CVSS 7.5 (high): Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.
CVE-2024-45558 — CVSS 7.5 (high): Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE…
CVE-2023-33099 — CVSS 7.5 (high): Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
CVE-2023-33095 — CVSS 7.5 (high): Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.
CVE-2025-47403 — CVSS 6.5 (medium): Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.