CVE-2023-33070 HIGH

CVE-2023-33070: Improper Authentication in Automotive OS

Vendor Qualcomm, Inc.
Product Snapdragon
Weakness CWE-287 · Improper authentication
Published December 5, 2023
Last update May 29, 2025

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.

Key dates

02Disclosure timeline

December 5, 2023 CVE published
May 29, 2025 Record updated