CVE-2023-24848 in 315 5G IoT Modeminfo

Summary

by MITRE • 10/25/2023

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 08/07/2025

The vulnerability identified as CVE-2023-24848 represents a critical information disclosure issue within data modem implementations during voice over long term evolution call processing. This flaw manifests specifically when handling undefined real-time transport control protocol feedback line values, creating potential exposure points for sensitive operational data. The vulnerability exists at the intersection of telecommunications protocols and modem security implementations, where improper handling of malformed RTCP feedback parameters leads to unintended data leakage. The affected systems typically process VoLTE sessions where RTCP feedback mechanisms are utilized for quality monitoring and control purposes, making this exposure particularly concerning for mobile network infrastructure.

The technical root cause stems from inadequate input validation and error handling within the modem's RTCP processing subsystem. When encountering undefined or malformed RTCP feedback line values during VoLTE call establishment or maintenance, the modem fails to properly sanitize or reject these inputs, instead allowing them to propagate through the system. This results in sensitive information such as internal memory addresses, configuration parameters, or session data being inadvertently exposed to unauthorized parties. The vulnerability demonstrates characteristics consistent with CWE-20 Improper Input Validation, where insufficient checks on input data lead to unexpected behavior and information leakage. The flaw operates at the application layer of the network stack, specifically within the media processing components responsible for handling real-time communication protocols.

The operational impact of this vulnerability extends beyond simple data exposure, potentially enabling attackers to gain insights into network infrastructure configuration, call routing patterns, and system internals that could facilitate further exploitation attempts. During active VoLTE sessions, an attacker could leverage this information disclosure to map network topology, identify vulnerable endpoints, or craft more sophisticated attacks targeting specific modem implementations. The exposure occurs during normal call processing operations, making detection particularly challenging as it may not trigger obvious security alerts or network anomalies. This vulnerability aligns with ATT&CK technique T1083 for discovering system information and T1046 for network service scanning, as the information disclosure enables reconnaissance activities that could lead to privilege escalation or lateral movement within the network infrastructure.

Mitigation strategies should focus on implementing comprehensive input validation for all RTCP feedback parameters, including the establishment of strict parsing rules for line value formats and content. Network administrators should deploy firmware updates from vendors that address the specific validation gaps in the modem implementation, ensuring proper sanitization of RTCP feedback data before processing. The solution architecture must include robust error handling mechanisms that gracefully reject malformed inputs rather than allowing them to propagate through the system. Additionally, network monitoring should be enhanced to detect unusual RTCP feedback patterns that might indicate exploitation attempts. Organizations should also consider implementing network segmentation to limit the potential impact of information disclosure and establish logging protocols that capture RTCP processing anomalies for security analysis purposes. The remediation process should follow industry standards such as NIST SP 800-53 for security controls and ISO 27001 for information security management to ensure comprehensive protection against similar vulnerabilities.

Responsible

Qualcomm, Inc.

Reservation

01/31/2023

Disclosure

10/25/2023

Moderation

accepted

CPE

ready

EPSS

0.00299

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!