7.8
CVE-2024-38413
- EPSS 0.04%
- Veröffentlicht 03.02.2025 17:15:17
- Zuletzt bearbeitet 05.02.2025 13:58:37
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Memory corruption while processing frame packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Fastconnect 7800 Firmware Version-
Qualcomm ≫ Snapdragon 8 Gen 3 Mobile Firmware Version-
Qualcomm ≫ Wcd9390 Firmware Version-
Qualcomm ≫ Wcd9395 Firmware Version-
Qualcomm ≫ Wsa8840 Firmware Version-
Qualcomm ≫ Wsa8845 Firmware Version-
Qualcomm ≫ Wsa8845h Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.107 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| product-security@qualcomm.com | 6.6 | 1.8 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.