HIGHCVSS7.8
|Actively Exploited
|CISA KEV|CVE-2023-33063|Auth: low — authenticated user|Reboot: required|Manual onlyQualcomm Multiple Chipsets Use-After-Free Vulnerability (CVE-2023-33063)
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.
Published Dec 5, 2023 · Updated May 17, 2026
Why patchRisk explained in plain English
Worst-case scenarioIf unpatched
A local attacker, with a low-privilege account, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2023-12-26 under CISA BOD 22-01.
How the attack worksNo clicks needed
This is a Use After Free (CWE-416) vulnerability in Qualcomm Multiple Chipsets. Memory corruption in DSP Services during a remote call from HLOS to DSP. Exploitation requires local access, low attack complexity, a low-privilege authenticated account, and no user interaction required.
Am I affected?Quick check
Probably yes if any of these apply:
●IT Security
●Running 315 5g iot modem firmware: -; apq8017 firmware: -; aqt1000 firmware: -; ar8031 firmware: -; ar8035 firmware: -; ar9380 firmware: -; c-v2x 9150 firmware: -; csr8811 firmware: -; csra6620 firmware: -; csra6640 firmware: -; csrb31024 firmware: -; wcn3991 firmware: -; wcn3998 firmware: -; wcn6750 firmware: -; qca6390 firmware: -; wcn685x-5 firmware: -; wcn685x-1 firmware: -; wcn785x-1 firmware: -; wcn785x-5 firmware: -; flight rb5 5g platform firmware: -; immersive home 214 platform firmware: -; immersive home 216 platform firmware: -; immersive home 316 platform firmware: -; immersive home 318 platform firmware: -; ipq4018 firmware: -; ipq4019 firmware: -; ipq4028 firmware: -; ipq4029 firmware: -; ipq5010 firmware: -; ipq6010 firmware: -; ipq6018 firmware: -; ipq6028 firmware: -; ipq8064 firmware: -; ipq8065 firmware: -; ipq8068 firmware: -; ipq8070 firmware: -; ipq8070a firmware: -; ipq8071a firmware: -; ipq8072a firmware: -; ipq8074a firmware: -; ipq8076 firmware: -; ipq8076a firmware: -; ipq8078 firmware: -; ipq8078a firmware: -; ipq8173 firmware: -; ipq8174 firmware: -; mdm9650 firmware: -; qam8255p firmware: -; qam8295p firmware: -; qam8650p firmware: -; qam8775p firmware: -; qca4024 firmware: -; qca6174a firmware: -; qca6310 firmware: -; qca6320 firmware: -; qca6335 firmware: -; qca6391 firmware: -; qca6420 firmware: -; qca6421 firmware: -; qca6426 firmware: -; qca6430 firmware: -; qca6431 firmware: -; qca6436 firmware: -; qca6564 firmware: -; qca6564au firmware: -; qca6574 firmware: -; qca6574a firmware: -; qca6574au firmware: -; qca6595 firmware: -; qca6595au firmware: -; qca6696 firmware: -; qca6698aq firmware: -; qca6797aq firmware: -; qca7500 firmware: -; qca8075 firmware: -; qca8081 firmware: -; qca8337 firmware: -; qca9377 firmware: -; qca9880 firmware: -; qca9886 firmware: -; qca9888 firmware: -; qca9889 firmware: -; qca9898 firmware: -; qca9980 firmware: -; qca9984 firmware: -; qca9985 firmware: -; qca9990 firmware: -; qca9992 firmware: -; qca9994 firmware: -; qcm2290 firmware: -; qcm4290 firmware: -; qcm4325 firmware: -; qcm4490 firmware: -; qcm5430 firmware: -; qcm6125 firmware: -; qcm6490 firmware: -; qcn5022 firmware: -; qcn5024 firmware: -; qcn5052 firmware: -; qcn5122 firmware: -; qcn5124 firmware: -; qcn5152 firmware: -; qcn5154 firmware: -; qcn5164 firmware: -; qcn6023 firmware: -; qcn6024 firmware: -; qcn9000 firmware: -; qcn9011 firmware: -; qcn9012 firmware: -; qcn9022 firmware: -; qcn9024 firmware: -; qcn9070 firmware: -; qcn9072 firmware: -; qcn9074 firmware: -; qcn9100 firmware: -; qcs2290 firmware: -; qcs410 firmware: -; qcs4290 firmware: -; qcs4490 firmware: -; qcs5430 firmware: -; qcs610 firmware: -; qcs6125 firmware: -; qcs6490 firmware: -; qcs7230 firmware: -; qcs8155 firmware: -; qcs8250 firmware: -; qcs8550 firmware: -; qrb5165m firmware: -; qrb5165n firmware: -; qsm8250 firmware: -; msm8905 firmware: -; qm215 firmware: -; video collaboration vc1 platform firmware: -; video collaboration vc3 platform firmware: -; video collaboration vc5 platform firmware: -; qrb5165 firmware: -; sda845 firmware: -; sdm845 firmware: -; sa4150p firmware: -; sa4155p firmware: -; sa6145p firmware: -; sa6150p firmware: -; sa6155 firmware: -; sa6155p firmware: -; sa8145p firmware: -; sa8150p firmware: -; sa8155 firmware: -; sa8155p firmware: -; sa8195p firmware: -; sa8255p firmware: -; sa8295p firmware: -; sa8770p firmware: -; sa8775p firmware: -; sa9000p firmware: -; sd 675 firmware: -; sm8450 firmware: -; sd626 firmware: -; sd660 firmware: -; sd670 firmware: -; sd675 firmware: -; sd730 firmware: -; sd835 firmware: -; sd855 firmware: -; sd865 5g firmware: -; sd888 firmware: -; sdm429w firmware: -; sdx55 firmware: -; sg4150p firmware: -; sg8275p firmware: -; sm4125 firmware: -; sm6250 firmware: -; sm7250p firmware: -; sm7315 firmware: -; sm7325p firmware: -; sm8550p firmware: -; apq8009 firmware: -; apq5053-aa firmware: -; snapdragon 210 processor firmware: -; snapdragon 212 mobile platform firmware: -; sm4375 firmware: -; snapdragon 4 gen 2 mobile platform firmware: -; snapdragon 425 mobile platform firmware: -; snapdragon 429 mobile platform firmware: -; snapdragon 439 mobile platform firmware: -; sm4250-aa firmware: -; sm4350 firmware: -; sm4350-ac firmware: -; snapdragon 625 mobile platform firmware: -; 8953pro firmware: -; snapdragon 632 mobile platform firmware: -; sdm660 firmware: -; snapdragon 662 mobile platform firmware: -; sm6125 firmware: -; snapdragon 675 mobile platform firmware: -; sm6150-ac firmware: -; sm6225 firmware: -; sm6225-ad firmware: -; sm6350 firmware: -; sm6375 firmware: -; sm7125 firmware: -; sm7150-aa firmware: -; sm7150-ab firmware: -; sm7150-ac firmware: -; sm7225 firmware: -; sm7250-aa firmware: -; sm7250-ab firmware: -; sm7250-ac firmware: -; sm7325 firmware: -; sm7325-ae firmware: -; sm7350-ab firmware: -; sm7325-af firmware: -; snapdragon 7c\+ gen 3 compute firmware: -; snapdragon 8 gen 2 mobile platform firmware: -; sm8475 firmware: -; snapdragon 8\+ gen 2 mobile platform firmware: -; s820a firmware: -; 8098 firmware: -; 8998 firmware: -; sm8150 firmware: -; sm8150-ac firmware: -; sm8250-ab firmware: -; sm8250-ac firmware: -; sm8350 firmware: -; sm8350-ac firmware: -; snapdragon ar2 gen 1 platform firmware: -; snapdragon auto 5g modem-rf firmware: -; snapdragon w5\+ gen 1 wearable platform firmware: -; snapdragon wear 4100\+ platform firmware: -; snapdragon x12 lte modem firmware: -; snapdragon x24 lte modem firmware: -; snapdragon x50 5g modem-rf system firmware: -; snapdragon x55 5g modem-rf system firmware: -; snapdragon x65 5g modem-rf system firmware: -; snapdragon xr1 platform firmware: -; snapdragon xr2 5g platform firmware: -; snapdragon xr2\+ gen 1 platform firmware: -; snapdragon auto 4g modem firmware: -; ssg2115p firmware: -; ssg2125p firmware: -; sw5100 firmware: -; sw5100p firmware: -; sxr1120 firmware: -; sxr1230p firmware: -; sxr2130 firmware: -; sxr2230p firmware: -; apq8053-aa firmware: -; apq8053-ac firmware: -; vision intelligence 300 platform firmware: -; vision intelligence 400 platform firmware: -; wcd9326 firmware: -; wcd9335 firmware: -; wcd9340 firmware: -; wcd9341 firmware: -; wcd9360 firmware: -; wcd9370 firmware: -; wcd9371 firmware: -; wcd9375 firmware: -; wcd9380 firmware: -; wcd9385 firmware: -; wcd9390 firmware: -; wcd9395 firmware: -; wcn3610 firmware: -; wcn3615 firmware: -; wcn3620 firmware: -; wcn3660b firmware: -; wcn3680 firmware: -; wcn3680b firmware: -; wcn3910 firmware: -; wcn3950 firmware: -; wcn3980 firmware: -; wcn3988 firmware: -; wcn3990 firmware: -; wcn6740 firmware: -; wsa8810 firmware: -; wsa8815 firmware: -; wsa8830 firmware: -; wsa8832 firmware: -; wsa8835 firmware: -; wsa8840 firmware: -; wsa8845 firmware: -; wsa8845h firmware: -
Real-world incidentsWhat we've seen
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2023-12-05 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2023-12-26.
How to patch
Manual remediation steps
1
Identify affected hosts: query inventory for general installs in scope.
2
Apply the vendor security update referenced in CVE-2023-33063's advisory. No specific KB/version is encoded yet — consult the linked MSRC/vendor URL.
3
Verify the fix per the vendor's published verification steps.
4
Document the remediation in your change ticket and re-scan with your vulnerability scanner to confirm closure.
PowerShell automationComing soon
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.