Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.
Conclusion & alert: CVE-2023-33025 is rated Moderate Risk (50/100): CVSS Critical severity, with low exploitation likelihood (EPSS 0.39%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.20% | 0.39% | +0.19% |
| 2 | 2025-03-30 | 0.41% | 0.20% | -0.21% |
| 3 | 2025-03-29 | — | 0.41% | — |
Full EPSS history (6 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.8 | 3.1 | CRITICAL |
|
3.9 | 5.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | ar8035_firmware | — | cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_6700_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_6900_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8081_firmware | — | cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8337_firmware | — | cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm4490_firmware | — | cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn6024_firmware | — | cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9024_firmware | — | cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs4490_firmware | — | cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sm4450_firmware | — | cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_680_4g_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_685_4g_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_x65_5g_modem-rf_system_firmware | — | cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_x70_modem-rf_system_firmware | — | cpe:2.3:o:qualcomm:snapdragon_x70_modem-rf_system_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9370_firmware | — | cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9375_firmware | — | cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9380_firmware | — | cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3950_firmware | — | cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3988_firmware | — | cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8810_firmware | — | cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8815_firmware | — | cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8830_firmware | — | cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8832_firmware | — | cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8835_firmware | — | cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin | Vendor Advisory |