6.7

CVE-2024-23375

Memory corruption during the network scan request.

Data is provided by the National Vulnerability Database (NVD)
QualcommWsa8835 Firmware Version-
   QualcommWsa8835 Version-
QualcommWsa8830 Firmware Version-
   QualcommWsa8830 Version-
QualcommWcn3988 Firmware Version-
   QualcommWcn3988 Version-
QualcommWcn3980 Firmware Version-
   QualcommWcn3980 Version-
QualcommWcn3680b Firmware Version-
   QualcommWcn3680b Version-
QualcommWcn3660b Firmware Version-
   QualcommWcn3660b Version-
QualcommSw5100p Firmware Version-
   QualcommSw5100p Version-
QualcommSw5100 Firmware Version-
   QualcommSw5100 Version-
QualcommSa8195p Firmware Version-
   QualcommSa8195p Version-
QualcommSa8155p Firmware Version-
   QualcommSa8155p Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSa4155p Firmware Version-
   QualcommSa4155p Version-
QualcommSa4150p Firmware Version-
   QualcommSa4150p Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.064
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
product-security@qualcomm.com 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.