CVE-2024-43053

EPSS 0.04%
Published 02.12.2024 11:15:09
Last modified 12.12.2024 15:29:14
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Affected products Warnungen 0 Metrics 2 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Fastconnect 6700 Firmware Version-

Qualcomm ≫ Fastconnect 6700 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Qca2062 Firmware Version-

Qualcomm ≫ Qca2062 Version-

Qualcomm ≫ Qca2064 Firmware Version-

Qualcomm ≫ Qca2064 Version-

Qualcomm ≫ Qca2065 Firmware Version-

Qualcomm ≫ Qca2065 Version-

Qualcomm ≫ Qca2066 Firmware Version-

Qualcomm ≫ Qca2066 Version-

Qualcomm ≫ Qcc2073 Firmware Version-

Qualcomm ≫ Qcc2073 Version-

Qualcomm ≫ Qcc2076 Firmware Version-

Qualcomm ≫ Qcc2076 Version-

Qualcomm ≫ Sc8380xp Firmware Version-

Qualcomm ≫ Sc8380xp Version-

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Snapdragon 429 Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 429 Mobile Platform Version-

Qualcomm ≫ Snapdragon 7c+ Gen 3 Compute Firmware Version-

Qualcomm ≫ Snapdragon 7c+ Gen 3 Compute Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wsa8840 Firmware Version-

Qualcomm ≫ Wsa8840 Version-

Qualcomm ≫ Wsa8845 Firmware Version-

Qualcomm ≫ Wsa8845 Version-

Qualcomm ≫ Wsa8845h Firmware Version-

Qualcomm ≫ Wsa8845h Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-43053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-43053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-43053

EUVD