Three new zero days have been reported to Qualcomm, which were CVE-2023-33106, CVE-2023-33107, and CVE-2023-33063. These vulnerabilities were discovered as part of Google Project Zero and were disclosed to Qualcomm by Google Threat Analysis Group.
These new zero days were found to be exploited by threat actors along with CVE-2022-22071. This use-after-free condition existed on certain SnapDragon processors, which was fixed and addressed by Qualcomm on their security bulletin in May 2022.
https://cybersecuritynews.com/qualcomm- ... patch-now/