ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·12/5/2023
CVE-2023-33106 added to CISA KEV: Qualcomm Multiple Chipsets
Status: ✅ Confirmed exploited in the wild
Date added: 2023-12-05
Required action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Due date: 2023-12-26
Why this matters
Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.