CVE-2023-43551
published 2024-06-03CVE-2023-43551: Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode…
PriorityP344high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
EPSS
0.26%
16.9th percentile
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Affected
241 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
vendor_oracle7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Android
CVE-2023-43551: Closed-source component
vendor_android·2024-06-01·CVSS 9.1
CVE-2023-43551 [CRITICAL] CVE-2023-43551: Closed-source component
Android Security Bulletin 2024-06-01
CVE: CVE-2023-43551
Severity: CRITICAL
Component: Closed-source component
References: A-314791442 *
Oracle
Oracle Oracle Fusion Middleware Risk Matrix: SSL Module (cURL) — CVE-2022-43551
vendor_oracle·2023-04-15·CVSS 7.5
CVE-2022-43551 [HIGH] Oracle Oracle Fusion Middleware Risk Matrix: SSL Module (cURL) — CVE-2022-43551
Oracle Oracle Fusion Middleware Risk Matrix: SSL Module (cURL) vulnerability
CVE: CVE-2022-43551
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2023 (APR 2023)
GHSA
GHSA-4h56-hghf-36cj: Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Securi
ghsa_unreviewed·2024-06-03
CVE-2023-43551 [CRITICAL] CWE-287 GHSA-4h56-hghf-36cj: Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Securi
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-06-03
Published