Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-47381

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-02 Mar, 2026 | 16:53
Updated At-03 Mar, 2026 | 04:56
Rejected At-
Credits

Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:02 Mar, 2026 | 16:53
Updated At:03 Mar, 2026 | 04:56
Rejected At:
â–¼CVE Numbering Authority (CNA)
Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Auto
  • Snapdragon Industrial IOT
Default Status
unaffected
Versions
Affected
  • LeMans_AU_LGIT
  • LeMansAU
  • QAM8255P
  • QAMSRV1H
  • QAMSRV1M
  • QCA6574
  • QCA6574A
  • QCA6574AU
  • QCA6595
  • QCA6595AU
  • QCA6688AQ
  • QCA6696
  • QCA9367
  • QCA9377
  • SA6155P
  • SA7255P
  • SA7775P
  • SA8155P
  • SA8195P
  • SA8255P
  • SA8620P
  • SA8770P
  • SA9000P
  • SRV1H
  • SRV1M
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:02 Mar, 2026 | 17:16
Updated At:02 Mar, 2026 | 20:29

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-416Primaryproduct-security@qualcomm.com
CWE ID: CWE-416
Type: Primary
Source: product-security@qualcomm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.htmlproduct-security@qualcomm.com
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html
Source: product-security@qualcomm.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2315Records found
CVE-2020-3646
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.80%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresdm429wqcm2150sdx24sm8250_firmwaresc8180x_firmwareqcs405sm7150_firmwaresm6150msm8909w_firmwaresdm429w_firmwaresm7150sxr2130sc8180xqcs605_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwareqcs405_firmwaresda845_firmwarebitraqcs605sdx55saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx55_firmwaresaipanmsm8909wsda845Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3622
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.53%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm632sdm450_firmwareqcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150sdm660msm8920_firmwaresc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053sm8250apq8096au_firmwarenicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3629
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresm8150_firmwaresxr2130_firmwarerennellsc7180bitrasdm845rennell_firmwaresm8250_firmwaresm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarebitra_firmwaresm8150kamortasm7150sxr2130sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3666
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, QCN5500, QCN5502, QCS404, QCS405, QCS605, SA6155P, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqcn5500mdm9640_firmwareqca9980_firmwaremsm8996au_firmwaresdm845sdx24qca9563_firmwareqcs404_firmwaremdm9650qca9558qca9558_firmwareqca6574msm8996auqca9880_firmwareapq8009_firmwaresdm670qcs605_firmwareipq4019_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwareqcs404sdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377apq8098ipq6018_firmwaremdm9206_firmwareqca9563qca6574_firmwareqca9886qcn5502_firmwareqcs605mdm9650_firmwareqca6574au_firmwareipq8064sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwareipq8064_firmwaresda845sdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwareqcn5502qcs405qca9531ipq8074_firmwareqca6574ausdm710mdm9607qca9980apq8017_firmwaresdm710_firmwareqca9880sa6155pqcn5500_firmwareqca8081mdm9207c_firmwareipq6018mdm9207cqca6174a_firmwareqca9886_firmwareapq8096auqcs405_firmwaresdm630_firmwareipq4019apq8053apq8096au_firmwaremsm8998sdx20_firmwaresdm850qca9531_firmwareapq8017qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3640
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.41%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwareqcs610rennellsc7180bitrarennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sc7180_firmwaresm8250bitra_firmwarekamortasm7150sdx55_firmwaresaipanqcs610_firmwaresxr2130Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2020-3611
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresdm670_firmwareqcs404sdm636_firmwaresdm636sda845_firmwaresdm660_firmwareapq8098_firmwaresdm630_firmwaresdm845apq8098sda660_firmwaremsm8998_firmwaresdm660sdm630qcs404_firmwareqcs605sdm710msm8998sdm850sdm710_firmwaresda660kamortasxr1130_firmwaresxr1130sdm670qcs605_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-3656
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcm2150_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632qcm2150sdm439mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresdm429qcs405sm7150_firmwaresa8155p_firmwareqm215mdm9607sdm710sdm429w_firmwaresm6150sdm710_firmwaresm7150apq8009_firmwaremsm8917sa6155psxr2130qcs605_firmwaresc8180xsm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqm215_firmwareqcs605sdx55msm8953_firmwaresa8155psaipan_firmwaresm6150_firmwaremsm8917_firmwaresdm429_firmwaresm8250sm8150kamortasdx55_firmwarenicobar_firmwareapq8009saipannicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3613
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.03%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150sm8150_firmwareSnapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CVE-2020-3623
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8250sxr2130sm8250_firmwaresxr2130_firmwareSnapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3626
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.70%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150msm8917sdm670sxr2130qcs605_firmwaresdm670_firmwaresdm636apq8098qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8053_firmwarenicobarmsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630sm8250_firmwareqca6574ausdm710qm215sdm710_firmwaremsm8937msm8905sm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaresaipan_firmwaremsm8917_firmwaresm6150_firmwaremsm8998sm8150sm8250nicobar_firmwaresaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-3694
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.67%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm6150_firmwaresm6150sm8250bitra_firmwaresm8150_firmwaresm8150sxr2130_firmwarebitranicobar_firmwaresaipansm8250_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-3693
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.67%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresdm429wmsm8996au_firmwareapq8098_firmwaresdx20qcm2150sm8250_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8017_firmwareapq8009apq8009_firmwaresxr2130qcs605_firmwaresm8150_firmwaresxr2130_firmwarebitraapq8098qcs605apq8053saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx20_firmwareapq8017nicobar_firmwaremsm8909wsaipanapq8053_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-3636
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwareqcs610rennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasm7150sdx55_firmwareqcs610_firmwaresxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2024-49842
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG+0.04%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Hypervisor

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwarerobotics_rb3sd865_5gqca6595sm8735wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwarewcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750qcc710_firmwareqca6426fastconnect_6700snapdragon_x50_5g_modem-rf_firmwarewsa8832_firmwaresnapdragon_wear_4100\+_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsnapdragon_850_mobile_computewcn3660b_firmwareqcs9100sdx80mfastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwaresnapdragon_wear_4100\+fastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobileqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750psnapdragon_x55_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rf_firmwareqmp1000qca6420wcd9370_firmwareqdu1110_firmwareqdu1000wcn3660bqca6574asnapdragon_x72_5g_modem-rf_firmwaresa7255p_firmwarewcn3620_firmwareqca6174awcd9340qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwareqcm8550snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwaresa6155wcn3620srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224snapdragon_429_mobileqca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwarefastconnect_6200sd670wcn3680bsc8180x-acaf_firmwarewcd9378qdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresdx57m_firmwaresrv1lsxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwarewcn7860_firmwaresc8380xpsnapdragon_x62_5g_modem-rfqca6564ausc8180xp-adsc8280xp-abbbwsa8815_firmwareqca8337_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwarewcn3950snapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesm7250psc8180x-acafsa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584auqcn6274_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarewcn7881video_collaboration_vc3_platformaqt1000qca6688aqqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresm8750_firmwaresdx55_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwarewcn7861_firmwarewcn7861snapdragon_x50_5g_modem-rfqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresdm429wqam8620psd855_firmwarewcn3980_firmwareqca6436qca6584au_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwareqcn9274_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobileqamsrv1h_firmwaresd_675wsa8835_firmwaresdx80m_firmwaresd_8cxssg2115p_firmwarevision_intelligence_400wcn3980qdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-284
Improper Access Control
CVE-2024-49832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840fastconnect_6900sdm429wwcn7860snapdragon_429_mobilewsa8845h_firmwaresnapdragon_8_gen_1_mobile_firmwarewcn3620_firmwarewcn7881_firmwarewsa8845wsa8832wcn7881wcd9390_firmwarewcd9380_firmwaresnapdragon_8_gen_3_mobile_firmwaresm8750wcn3660bsnapdragon_8_gen_3_mobilesdm429w_firmwarewcn7861video_collaboration_vc3_platform_firmwarewsa8845_firmwaresm8750_firmwarewcd9380video_collaboration_vc3_platformwsa8830snapdragon_429_mobile_firmwaresm8750pwsa8832_firmwarewcn7860_firmwarewcn7861_firmwarewsa8835sm8750p_firmwarewsa8845hwsa8830_firmwarewcn3620fastconnect_7800snapdragon_8_gen_1_mobilefastconnect_6900_firmwareqcs6490wcn7880_firmwareqcs6490_firmwarewcn7880wcd9395_firmwarewcd9390wsa8840_firmwarewcd9395wcn3660b_firmwarewsa8835_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49833
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera

Memory corruption can occur in the camera when an invalid CID is used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwaresa7255psnapdragon_ar2_gen_1wcn7860qamsrv1mwcn7881_firmwareqcs8550_firmwarewcn7881sa7775p_firmwaresa8775pssg2125p_firmwareqam8775psa8650p_firmwarewcn3950_firmwaresm8750wcn6650sa8255pwcd9370_firmwarewcn3950video_collaboration_vc3_platform_firmwaresxr2230pwsa8845_firmwareqcm8550_firmwaresnapdragon_8\+_gen_2_mobilewcn6755_firmwaresxr2230p_firmwaresm7635_firmwaresd_8_gen1_5g_firmwarewsa8845hssg2115p_firmwarewcn6450_firmwareqcm8550sa8650psa8770p_firmwaretalynpluswcn3988qca6698aq_firmwarewcn7880_firmwarewcd9395_firmwareqamsrv1m_firmwaresa8775p_firmwaresm7635talynplus_firmwarewsa8835_firmwarefastconnect_6900wcn3988_firmwareqcm4490wcd9375_firmwarewcd9385_firmwareqam8650p_firmwarewsa8810snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375sa8620p_firmwaresm6650sa7255p_firmwareqca6595_firmwaresg8275pqamsrv1hwcn6740wcd9380video_collaboration_vc3_platformqamsrv1h_firmwarewsa8832_firmwarewcn7861_firmwaresnapdragon_4_gen_2_mobilewsa8830_firmwarewcn6755snapdragon_8_gen_2_mobile_firmwareqca6595au_firmwareqcs6490_firmwarewcd9385sa8255p_firmwarewsa8840_firmwareqca6595auqam8255psxr2250p_firmwarewsa8840srv1hsm8550p_firmwaresm7675qca6595wsa8845h_firmwareqam8650pwsa8845snapdragon_ar2_gen_1_firmwarewcn6650_firmwaresxr1230p_firmwaresxr2330pwcd9380_firmwarewcn6450srv1mqam8775p_firmwaresm8635psnapdragon_ar1_gen_1sm8635p_firmwareqcs4490wcd9370wcd9378sm7675_firmwareqcs4490_firmwaresm8750psa9000psnapdragon_4_gen_2_mobile_firmwarewsa8835sm8750p_firmwaressg2125pqca6678aqfastconnect_7800qca6797aq_firmwaresnapdragon_8_gen_1_mobilesnapdragon_8_gen_2_mobilewcn7880wcd9378_firmwareqca6797aqqcm4490_firmwaresm7675pqcs8550sxr2250psm6650_firmwarefastconnect_6700snapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsm7675p_firmwaresnapdragon_ar1_gen_1_firmwarewsa8810_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwaresm8635ssg2115psm8635_firmwaresnapdragon_8_gen_3_mobilewsa8815sxr1230pwcn7861sa8620psm8750_firmwarewsa8830wsa8815_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresa8770pwcn7860_firmwaresg8275p_firmwaresrv1h_firmwareqca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcs6490sa9000p_firmwaresm8550psnapdragon_8\+_gen_1_mobilewcd9390sa7775pwcd9395wcn6740_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2025-47314
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.32%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive Software platform based on QNX

Memory corruption while processing data sent by FE driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6698aqsrv1h_firmwaresa8540p_firmwaresa8650p_firmwaresa8255pqamsrv1m_firmwareqca6574ausa8775p_firmwaresrv1m_firmwareqam8620p_firmwaresa8770p_firmwareqamsrv1h_firmwareqam8255p_firmwaresa8295pqca6696_firmwareqca6797aq_firmwareqam8775p_firmwaresa8255p_firmwareqam8255pqam8775pqam8295p_firmwaresa7255p_firmwaresa6155psa7775psrv1msa8540psa8770pqca6688aq_firmwareqca6595_firmwareqam8295pqca6595ausa8155psa9000psa8620p_firmwaresa8195p_firmwaresa8650pqca6797aqqamsrv1mqca6696qam8620psa8195psa8295p_firmwaresrv1hsrv1l_firmwareqca6688aqqca6595au_firmwareqca6574au_firmwareqam8650p_firmwaresa9000p_firmwaresa7775p_firmwaresa6155p_firmwaresrv1lqca6595qam8650psa7255psa8620psa8155p_firmwareqca6698aq_firmwaresa8775pqamsrv1hSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2025-47368
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.87%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 03:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_6900wsa8845hwsa8840wcd9380_firmwarewsa8845_firmwaresc8380xp_firmwarewsa8840_firmwarewcd9385_firmwarewcd9385wsa8845fastconnect_6900_firmwarefastconnect_7800sc8380xpfastconnect_7800_firmwarewcd9380wsa8845h_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2024-23369
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.11%
||
7 Day CHG+0.02%
Published-07 Oct, 2024 | 12:58
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobile_platform_firmwareqdx1010_firmwarewsa8845_firmwaresa6150p_firmwaresd865_5gwsa8832qca6678aq_firmwarewcd9378_firmwareqca6431srv1lqca6595sxr2130_firmwarewcd9370srv1mqca8081_firmwareqca6678aqsnapdragon_765_5g_mobile_platform_\(sm7250-aa\)qca6696qam8620p_firmwarear8035_firmwarewcd9340_firmwaresnapdragon_888_5g_mobile_platformsc8380xpsa8530pwcd9395_firmwareqcc710_firmwareqca6426fastconnect_6700sm4635wsa8815_firmwarewsa8832_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395qca6426_firmwareqcm6490_firmwareqca6574au_firmwaresm7250p_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwaresm4635_firmwareqam8295psnapdragon_x72_5g_modem-rf_system_firmwarewcd9390qru1032qca6574auwcn3950sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_xr2_5g_platformsrv1hsa9000p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwareqcs5430fastconnect_6800_firmwaresa8295p_firmwaresm7250pqcm5430qcm5430_firmwaresa8770pqcn6274_firmwareqca6584auwcn6755_firmwareqcc710qru1062_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_x72_5g_modem-rf_systemsa8540psc8380xp_firmwareqru1062qfw7114_firmwareqsm8350_firmwarefastconnect_6800qca6595_firmwarefastconnect_7800_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)fastconnect_6900qru1032_firmwaresa7255psm8635qep8111qfw7114sm8635_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemqca6421fastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_x62_5g_modem-rf_systemsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)snapdragon_xr2_5g_platform_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)snapdragon_888_5g_mobile_platform_firmwaresa8150pwcn6755snapdragon_8_gen_1_mobile_platform_firmwarewsa8845snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa6155pqca6421_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwaresnapdragon_x35_5g_modem-rf_systemwsa8810snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)qam8650pqdu1000_firmwaresrv1h_firmwaresa9000pvideo_collaboration_vc3_platformqca6595auqdu1010snapdragon_865_5g_mobile_platform_firmwaresa6155p_firmwareqdx1010wsa8840qam8295p_firmwaresrv1m_firmwareqca6431_firmwareqdu1210_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwareqfw7124_firmwarewcd9385qca6698aq_firmwareqca6436_firmwareqsm8350sa8255pwcd9390_firmwaresnapdragon_8_gen_3_mobile_platformqep8111_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmwarewcd9370_firmwareqdx1011_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asxr2130qru1052sa8195pqca6174awcd9340qdu1210qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwareqcm6490qam8650p_firmwarewcn3988qcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqca6584au_firmwareqam8620psa8775pqcn6274snapdragon_x75_5g_modem-rf_systemqfw7124wsa8835wsa8840_firmwareqca6595au_firmwareqca6574qca6436qca6391_firmwareqdu1010_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hsnapdragon_865_5g_mobile_platformwcd9380_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwaresa6150pqca6574_firmwaresa8155p_firmwarewsa8815qca8081sd_8_gen1_5gsa8155pwsa8830qam8775pqca6797aqsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresa6145psa8620psa8255p_firmwareqca6574a_firmwarear8035qamsrv1m_firmwaresa8650p_firmwarewcd9375_firmwaresd_8_gen1_5g_firmwaresnapdragon_x62_5g_modem-rf_system_firmwaresrv1l_firmwaresa7775pqca6391qcn6224qcs5430_firmwaresa7775p_firmwarewcn3950_firmwareqca6698aqqru1052_firmwaresa8770p_firmwaresa8530p_firmwaresa8295psnapdragon_8_gen_1_mobile_platformfastconnect_6200fastconnect_7800sa8650psa8145p_firmwareqam8775p_firmwaresd865_5g_firmwarewcd9378wcd9375qdx1011sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6490fastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareSnapdragonqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresm4635_firmwaresa8145p_firmwarewcd9378_firmwareqca6431_firmwareqdu1010_firmwaresa8530p_firmwareqcn6224_firmwareqdu1110_firmwarewcn3950_firmwaresa8540p_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresm8635_firmwareqcm5430_firmwareqca6584au_firmwareqep8111_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwareqsm8350_firmwareqru1032_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwaresa9000p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwareqca6436_firmwareqca6421_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwaresc8380xp_firmwarewcn3988_firmwareqru1062_firmwareqca6797aq_firmwaresa6145p_firmwaresa8155p_firmwaresa7775p_firmwareqdx1011_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwarefastconnect_7800_firmwarewcd9395_firmwaresa8255p_firmwareqdx1010_firmwareqdu1000_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareqru1052_firmwarewcd9370_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqam8620p_firmwaresa8295p_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-23356
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.91%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption during session sign renewal request calls in HLOS.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwareqam8775pqamsrv1mqru1052snapdragon_888_5g_mobile_platformwsa8840wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarecsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqam8295pwcn3950sm4125qcn6024_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350qca6688aqsm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420snapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwareqca6678aq_firmwarewcn3999smart_audio_400_platform_firmwarewsa8840_firmwaresa4155p_firmwareqcs6125qca6698aqsa8155_firmwaresc8380xp_firmwareqca6430qru1062_firmwaresa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340snapdragon_720g_mobile_platformsnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sw5100snapdragon_780g_5g_mobile_platformqca6436sa6155pqdu1000_firmwaresnapdragon_690_5g_mobile_platformqca6698aq_firmwaresxr2250psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)snapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341sa8255pqam8775p_firmwareqca6431qca6696_firmwareqca6797aqqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresa8150pqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwaresa8295p_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)wcd9380_firmwareqca8337_firmwaressg2125psnapdragon_778g_5g_mobile_platform_firmwaresw5100psnapdragon_730_mobile_platform_\(sm7150-aa\)snapdragon_765_5g_mobile_platform_\(sm7250-aa\)snapdragon_w5\+_gen_1_wearable_platformqcm8550snapdragon_670_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresd670_firmwareqca6574snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwareqdu1110_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700snapdragon_782g_mobile_platform_\(sm7325-af\)sxr1230psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresg8275pwcn3980snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)wcd9335_firmwaresm6370_firmwareqfw7114_firmwareqca6430_firmwarewsa8845qcm4325_firmwarewcd9340_firmwarewsa8815wcn3910snapdragon_4_gen_1_mobile_platformqca6426_firmwaresc8380xpsnapdragon_670_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqca6678aqar8031_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)qdu1010qca6797aq_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresrv1lsd670qdx1011_firmwareqcn9024_firmwaresa7255p_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwaresnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwaresa8620pwsa8832qdx1010_firmwaresw5100p_firmwaresa8540pqamsrv1m_firmwaresa6145pqcm5430snapdragon_678_mobile_platform_\(sm6150-ac\)_firmwareqcc710ar8031qcs4490qca6595_firmwarewcd9395sa8145psnapdragon_750g_5g_mobile_platformqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sd888_firmwaresa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqdu1210_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwareqep8111qcn7606snapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformqcm2290ar8035_firmwaretalynplus_firmwarewsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwareqcs2290_firmwareqam8650psnapdragon_865_5g_mobile_platformcsra6620qcn6224_firmwareqcs4290srv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370ssg2115pqca6426qdu1110wcn3990_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hsa8530pwcd9385_firmwarewcd9326_firmwarefastconnect_6200talynplusqamsrv1h_firmwareqam8295p_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsa9000p_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_4_gen_2_mobile_platformsa7255pwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformwcn3999_firmwareqfw7114sm7250p_firmwareqca6595auqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6584ausa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareqcs6490qcs8550_firmwarewcn3988_firmwareqcn9074srv1hsa6145p_firmwareqca6421sm6250c-v2x_9150fastconnect_6700_firmwaresa8195psxr1120wsa8810_firmwareqcn6224wsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335wcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)sg4150pqca8081snapdragon_auto_5g_modem-rf_gen_2qcm4490snapdragon_x35_5g_modem-rf_systemsa7775pqcs5430qca6174a_firmwareqam8620pqcs4290_firmwaresa8770p_firmwaresxr2130_firmwarewcd9385qcs6490_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)sm6250_firmwarewcd9390snapdragon_662_mobile_platformwsa8815_firmwareqcm6490wsa8835_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)sg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa4150pqcm6125_firmwareqca6688aq_firmwareqcm4325qcm2290_firmwarewcn3990snapdragon_732g_mobile_platform_\(sm7150-ac\)sd865_5gfastconnect_6800qca6595qru1032qdu1010_firmwaresd888sa8530p_firmwareqdx1011qdu1000wsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfqcn6274sd_8_gen1_5gsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwaresnapdragon_730_mobile_platform_\(sm7150-aa\)_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresxr2130snapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresmart_audio_400_platformqca6574aqca6174asm7325pqru1062sa8650psa9000pqca6574_firmwaresm4125_firmwaresd855sm7325p_firmwaresxr2230pwsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqru1032_firmwaresnapdragon_665_mobile_platformsa8775pqca6574a_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwarefastconnect_6200_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)snapdragon_x55_5g_modem-rf_system_firmwaresm7315qca6391snapdragon_710_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)fastconnect_7800aqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemqcm4290qcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformsrv1h_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwaresa8155p_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqam8650p_firmwaresnapdragon_675_mobile_platformwcn6740qca6696qcs8550snapdragon_x50_5g_modem-rf_systemsa6150psnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwarewcd9390_firmwareqcn6024qdu1210sm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)qcn9074_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresg8275p_firmwareqca6431_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqam8295p_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwareqcs8550_firmwaresc8380xp_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwareqcn7606_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwarec-v2x_9150_firmwareqca6430_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwarear8031_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqcn9024_firmwaresa7255p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwareqdx1010_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23368
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC

Memory corruption when allocating and accessing an entry in an SMEM partition.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7325-ae_firmwareipq4028_firmwareqca8337qfw7124sg8275p_firmwarear9380ipq8173_firmwareqam8775pqcf8001qamsrv1mqru1052snapdragon_888_5g_mobile_platformqcn5124wcn3950_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwarewcn3660bqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350snapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqcn6422_firmwareqca8081_firmwareqca6420qcn9002snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareipq8068qca6430sa7775p_firmwaresdx65mwcd9340qca6698aq_firmwaresnapdragon_690_5g_mobile_platformipq5312qualcomm_205_mobile_platform_firmwareqca9888_firmwareqcn6122qca6696_firmwareqcn5154_firmwareqru1052_firmwaresa8150pqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca9985_firmwareipq4018_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125pqca9980_firmwaresdm429wipq8078qca8084qcm8550ipq8173qcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwarecsr8811_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwareqcs410snapdragon_210_processorqcn5024sxr1230pvideo_collaboration_vc3_platform_firmwareqca9985qcn9012_firmwareqcn9274_firmwarewsa8845ipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwarepmp8074_firmwareqcn6112qcs8250ipq6028ipq8064sd835pmp8074snapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwaresd730immersive_home_3210_platform_firmwaresa8295pwcn6740_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemapq8064au_firmwareipq8078_firmwaresa8650p_firmwarefastconnect_6900qcn5054snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresnapdragon_660_mobile_platformqca9994srv1lqca9980qdx1011_firmwareqcn9024_firmwarefsm20056ipq8174_firmwaresd670snapdragon_8\+_gen_2_mobile_platformqcm4290_firmwareqcn6412_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwareqcm5430qualcomm_215_mobile_platform_firmwaresa6145pqca9886_firmwareimmersive_home_214_platformqcs5430_firmwaresnapdragon_750g_5g_mobile_platformqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresm8550p_firmwareqdx1010sdx55qcn5021_firmwarecsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255pqdu1210_firmwaresa4155ptalynplus_firmwarewsa8830sxr2230p_firmwaresnapdragon_x24_lte_modem_firmwareqam8650pcsrb31024mdm9628_firmwareflight_rb5_5g_platformmdm9650snapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwarefsm10055_firmwareqcn6224_firmwareqca8082qca9992qcs4290srv1l_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9984_firmwareqca9377ipq9554wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwareqamsrv1h_firmwareipq8074asm7325-afqcn6102_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresa7255psdx55_firmwaresnapdragon_4_gen_2_mobile_platformqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwarewcn3615wcn3610_firmwarewsa8845h_firmwareqrb5165nqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemipq8174qcn5052qca9367qcn6112_firmwaresm8250-acwcn3988_firmwareqcn9074srv1hqca8085sm7250-aafastconnect_6700_firmwaresa8195psxr1120qcn6224wcd9326snapdragon_x75_5g_modem-rf_systemwcd9335wcd9395_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm4490qcn6023qcs4290_firmwaresa8770p_firmwareqca8085_firmwareipq5300sxr2130_firmwareqcs6490_firmwareipq9570sm7150-abqca9898_firmwarewcd9375aqt1000snapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_662_mobile_platformipq5010_firmwareipq8074a_firmwarewsa8815_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarerobotics_rb5_platform_firmwaresd865_5gqca6595qdu1010_firmwarequalcomm_205_mobile_platformipq8065_firmwaresxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn6422qcn5154qca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresxr2130smart_audio_400_platformqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwareqru1062sa8650psa9000pqca6574_firmwareqca9886sm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775pqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwareqcn6102snapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwareqcm2150ipq6028_firmwareipq8072a_firmwareqcn6432_firmwareqca9889_firmwareqcn5122qcs8250_firmwaresm7250-aa_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresm8150-ac_firmwareqcn5022sm8350-acqca6564_firmwarewcn6740qcs8550sm6150-acsnapdragon_x50_5g_modem-rf_systemqca8075snapdragon_8_gen_3_mobile_platform_firmwareqcn6024qcn9022qdu1210qcn9002_firmwareipq6000_firmwareqcs410_firmwarefsm10055qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610snapdragon_820_automotive_platform_firmwareqca4024_firmwarewsa8840snapdragon_212_mobile_platformimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335csra6620_firmwarecsra6640_firmwareqep8111_firmwareqam8295pipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresm7150-acqcn6412sm7325-aeqca6574au_firmwareqcn5164_firmwarewcd9375_firmwaresa6155_firmwaresm6225-adsnapdragon_xr2\+_gen_1_platformqca6678aq_firmwaresmart_audio_400_platform_firmwaresm6225-ad_firmwareqrb5165m_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareqcf8001_firmwarewsa8840_firmwareipq6010sm7250-ab_firmwareqru1062_firmwarerobotics_rb3_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformqcn6132snapdragon_780g_5g_mobile_platformsw5100fsm10056_firmwareqca6436sa6155pfsm20055_firmwareqdu1000_firmwareqcf8000sxr2250psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwareipq8068_firmwaresa8255pipq9008_firmwaresnapdragon_x12_lte_modemqca6797aqwcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarerobotics_rb5_platformsm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610qca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwaresw5100pmsm8996au_firmwareipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auipq9008qualcomm_215_mobile_platformqcn5164qcn6402_firmwarefastconnect_6700ipq9554_firmwareqcn5054_firmwareipq4019_firmwaresm7150-aa_firmwaresg8275pqca8072_firmwareqca6430_firmwareqcn5052_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwarewcn3980qca6335_firmwarewcn3910qca6320mdm9650_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwarewcn3660b_firmwarewcn3680qca9984snapdragon_670_mobile_platformqcn9024snapdragon_xr2\+_gen_1_platform_firmwareipq5302ipq8064_firmwaresm7150-aasnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_xr2_5g_platformwcn3680_firmwaresm7150-ab_firmwareipq8070qca6797aq_firmwareqdu1010qca6564a_firmwaresa7255p_firmwareqca9880sa8620psnapdragon_x24_lte_modemwsa8832ipq5332immersive_home_326_platformipq6018qcc710qcs4490qca6595_firmwaresa8145pwcd9395snapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresm4350-ac_firmwaresd888_firmwareqcn6402sa8155pqep8111snapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_855_mobile_platformqcn5024_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwareqcs2290_firmwarefsm10056csra6620qcn9072sm7250-ac_firmwareqca8386qca9880_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq6000sd730_firmwarewcd9370ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareqdu1110qcn9000_firmwaresm8250-abqamsrv1himmersive_home_216_platformtalynplusimmersive_home_316_platformimmersive_home_318_platformqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwarewcn3680b_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595ausm7325-af_firmwaresnapdragon_429_mobile_platformqca6436_firmwaresm4350-acsnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcn9274sa8775p_firmwareqcn9001qca9990qcs6490video_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwarefsm20056_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230qca8081snapdragon_x35_5g_modem-rf_systemipq8071asa7775psdx65m_firmwareqam8620pqca6174a_firmwareipq8071a_firmwareqcs5430immersive_home_3210_platformwcd9385snapdragon_x12_lte_modem_firmwarear8035csr8811apq8064auipq4019wcd9390qcn9100_firmwarevision_intelligence_400_platform_firmwarewcn3620_firmwareqcm6490wsa8835_firmwarewcn3620qca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwaresnapdragon_845_mobile_platformqcm2150_firmwarewcn3990qcn9000qcf8000_firmwarefastconnect_6800ar9380_firmwareqru1032sm8350-ac_firmwareqcs7230_firmwaresnapdragon_835_mobile_pc_platformqcn9012sm8150-acsd888qdx1011qdu1000immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835msm8996ausdm429w_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareipq4018qca6574aqca9889qca6174asm7325pqca9994_firmwareqcn9003ipq8076_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwareipq8076qru1032_firmwarewsa8845_firmwarefastconnect_6200_firmwareqcn5021qcn5152vision_intelligence_300_platformsm8250-ab_firmwareqca6391snapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290ipq5300_firmwareipq9570_firmwaresrv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareipq5312_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm7250-acipq5332_firmwaresnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformwcn3680bsd835_firmwareqam8650p_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696fsm20055sa6150pqcn9022_firmwarewcd9390_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwareipq4029qcn6432snapdragon_xr1_platform_firmwareSnapdragonqca9377_firmwareqam8255p_firmwaresa6150p_firmwareipq4028_firmwaresg8275p_firmwareipq8173_firmwaresnapdragon_820_automotive_platform_firmwareqca4024_firmwarewcn3950_firmwareimmersive_home_318_platform_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn5164_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwaresa8155_firmwareqcf8001_firmwarerobotics_rb3_platform_firmwareqru1062_firmwaresa7775p_firmwarefsm10056_firmwarefsm20055_firmwareqdu1000_firmwareqca6698aq_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca6696_firmwareipq9008_firmwareqcn5154_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareqcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqdu1110_firmwareqcn6402_firmwarecsr8811_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareipq9554_firmwareqcn5054_firmwareipq4019_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwarewcn6740_firmwareqcs4490_firmwareapq8064au_firmwarewcn3680_firmwareipq8078_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqdx1011_firmwareqcn9024_firmwareipq8174_firmwareqca6564a_firmwaresa7255p_firmwareqcm4290_firmwareqcn6412_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwarequalcomm_215_mobile_platform_firmwareqca9886_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqdu1210_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqcn5024_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwarefsm10055_firmwareqcn6224_firmwareqca9880_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqamsrv1h_firmwareqcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqcn6100_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3680b_firmwarewsa8845h_firmwareqcn6023_firmwaresnapdragon_212_mobile_platform_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresa8775p_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwarefsm20056_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9395_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwareqcs4290_firmwaresa8770p_firmwareqca8085_firmwaresxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqca9898_firmwaresnapdragon_210_processor_firmwaresm6250_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresxr1120_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwareqcm2150_firmwareqcf8000_firmwarear9380_firmwareqcs7230_firmwareqdu1010_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresdm429w_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareqca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_845_mobile_platform_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareipq5300_firmwareqcn9070_firmwareipq9570_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwaresd835_firmwareqca6564_firmwareqam8650p_firmwareipq6010_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn9022_firmwarewcd9390_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14002
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.58%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6574AU, QCS605, QM215, SA6155P, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sa6155p_firmwaremsm8953sdm450sdm636_firmwaresdm429wmsm8996au_firmwaresdm632_firmwareapq8098_firmwaresdm845sdm450_firmwaresdm632sdm660msm8920_firmwaresdm439sdm630sm8250_firmwaresdm429msm8940_firmwareqca6574ausm6150msm8909w_firmwareqm215msm8996ausdm429w_firmwaremsm8917sa6155psxr2130msm8937qcs605_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm636sdm630_firmwareapq8098sda660_firmwareqm215_firmwareqcs605msm8940apq8053apq8096au_firmwaremsm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8937_firmwaresdm429_firmwaresm8150sm8250qca6574au_firmwaresda660nicobar_firmwaremsm8909wapq8053_firmwaresdm660_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14023
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresm8150_firmwaresxr2130_firmwarerennellrennell_firmwaremdm9607_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150mdm9607sm8150sdx55_firmwaresm7150nicobar_firmwaresa6155psxr2130nicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2019-14021
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareqcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607sdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14060
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098ipq6018_firmwaremdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwareipq8064sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9150msm8937mdm9207c_firmwareipq6018mdm9207csm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellsdm630_firmwarerennell_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2019-14026
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.01%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845apq8096sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206qca9379_firmwareqca6174asdm670_firmwareqcs404sdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377apq8098qcn7605ipq6018_firmwaremdm9206_firmwareqca6574_firmwareqca9886qcs605mdm9650_firmwareqca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqca8081mdm9207c_firmwareipq6018mdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwareqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14036
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.01%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwareipq8074apq8064apq8096aumsm8996au_firmwareqcn7605mdm9615mdm9607_firmwareipq4019ipq8074_firmwareapq8096au_firmwaremdm9607msm8996aumdm9615_firmwareipq8064apq8064_firmwareqcn7605_firmwareipq8064_firmwareipq4019_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14009
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MDM9150, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDM850, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaremdm9150_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630mdm9607_firmwaremdm9650mdm9607apq8009_firmwaremdm9150sxr2130msm8905sxr2130_firmwaremsm8909sdm636sda845_firmwaresdm630_firmwareapq8098sda660_firmwaremdm9650_firmwaremsm8998sdm850msm8905_firmwaresda660apq8009msm8909_firmwaresdm660_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14123
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.64%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14130
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.46%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14071
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or non-secure ram dumps in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ6018, MDM9205, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwareipq6018_firmwaremdm9205qcs605msm8937_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630sdm660sc8180x_firmwareqcs405sdm710qm215apq8017_firmwaresdm710_firmwaresa6155pmsm8937msm8996_firmwareipq6018sm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2019-14001
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.16%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QM215, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm636_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm450_firmwaresdm632sdx20sdm660sdm439mdm9607_firmwaresdm630mdm9650sdm429msm8909w_firmwaremdm9607msm8996auqm215sdm429w_firmwareapq8017_firmwareapq8009_firmwaremsm8909wmsm8917mdm9207c_firmwaremdm9206msm8905mdm9207capq8096ausdm439_firmwaresdm636sdm630_firmwaremdm9206_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwareapq8017apq8009apq8053_firmwaresdm660_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-14124
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.44%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2019-14091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.41%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellrennell_firmwaresm8250_firmwaremdm9607_firmwaresdx55sc8180x_firmwareqcs405saipan_firmwaresm8250mdm9607sm8150sdx55_firmwaresaipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CWE ID-CWE-667
Improper Locking
CVE-2019-14048
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150sm8150_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresdx24_firmwareapq8096aumsm8996au_firmwareqcs605_firmwaresda845_firmwaresdx20qcn7605sdx24mdm9607_firmwareqcs605sc8180x_firmwaresdx55apq8053apq8096au_firmwaremsm8909w_firmwaremdm9607msm8996ausm8150sdx20_firmwareapq8053_firmwaresxr1130_firmwaresdx55_firmwareqcn7605_firmwaremsm8996sxr1130sda845msm8909wsc8180xmsm8996_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14050
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.01%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, MDM9150, MDM9205, MDM9607, MDM9650, MSM8905, Nicobar, QCS405, QCS605, Rennell, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaremdm9150_firmwaresa6155p_firmwaresdm636_firmwaresdm845sdm660sdx24sdm630mdm9607_firmwaremdm9650qcs405sm7150_firmwaresdm710sm6150mdm9607sdm710_firmwaresm7150apq8009_firmwaresa6155psdm670mdm9150qcs605_firmwaremsm8905sdm670_firmwaresm8150_firmwaresdx24_firmwaresdm636qcs405_firmwarerennellsda845_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sm6150_firmwaremdm9650_firmwaresm8150sdm850msm8905_firmwaresda660sxr1130_firmwarenicobar_firmwareapq8009sxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14056
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaremdm9150_firmwaresa6155p_firmwareqcs610sdm636_firmwaresdm845sdm660sdm630qcs404_firmwaremdm9607_firmwaremdm9650sc8180x_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaremdm9607sm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaremdm9150qcs605_firmwaresc8180xsxr2130sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresdm636qcs405_firmwarerennellsc7180sda845_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaremdm9650_firmwaresm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14041
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.23% / 78.97%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429sm7150_firmwaresm6150msm8909w_firmwaremd9607msm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresda845_firmwareapq8098md9607_firmwaremdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953sdm450sdm845_firmwareapq8098_firmwaresdx20qcm2150sm8250_firmwaresc8180x_firmwareqcs405sdm710qm215apq8017_firmwaresdm710_firmwaresa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwareapq8053saipan_firmwaresm6150_firmwareapq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017saipannicobar_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14066
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs404sxr2130_firmwareqcs405_firmwarerennellsc7180mdm9205_firmwarerennell_firmwaremdm9205qcs404_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresm6150_firmwaresm6150sc7180_firmwaremdm9607kamortasm7150sdx55_firmwarenicobar_firmwaresa6155psxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-13994
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.64%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14100
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.44%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csa6155p_firmwaresm8150_firmwareqcs405_firmwaremdm9206_firmwaremdm9607_firmwaresdx55sc8180x_firmwareqcs405mdm9607sm8150sdx55_firmwarenicobar_firmwaresa6155psc8180xmdm9207c_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-13995
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.48%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14028
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwareqca4531_firmwaremsm8996au_firmwaresdm845apq8096sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206qca6564qca9379_firmwareqca6174asdm670_firmwareqcs404sdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377qca4531apq8098qcn7605ipq6018_firmwaremdm9206_firmwareqca6574_firmwareqca9886qcs605qca6584_firmwaremdm9650_firmwareqca6584qca6574au_firmwaresda660sxr1130_firmwareapq8064_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqca8081mdm9207c_firmwareipq6018mdm9207cqca6174a_firmwareqca9886_firmwareqca6564_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwareqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14015
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.01%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, MDM9205, MSM8996, MSM8996AU, Nicobar, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareapq8096_firmwaresdm636_firmwaremsm8996au_firmwaresdm845apq8096sdm660sdx24sdm630qcs404_firmwaresc8180x_firmwareqcs405sm7150_firmwaresdm710sm6150msm8996ausdm710_firmwaresm7150sa6155psdm670sxr2130qcs605_firmwaremsm8996_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm636qcs405_firmwarerennellsda845_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55apq8096au_firmwaresm6150_firmwaresm8150sdm850sda660sdx55_firmwaresxr1130_firmwaremsm8996nicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14076
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.80%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresda845_firmwaresa415mapq8098mdm9205mdm9206_firmwareqcs605mdm9650_firmwaremsm8905_firmwaresxr1130_firmwaresdx55_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwareapq8098_firmwaremsm8998_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaremdm9150msm8905sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180mdm9205_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14077
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205qcs605mdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaresa6155pmdm9150ipq6018sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-14122
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm8250sm8150_firmwaresm8150sxr2130_firmwaresaipansm8250_firmwareSnapdragon Auto, Snapdragon Mobile
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-13999
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.48%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996mdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205sa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14049
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.35%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MSM8953, QCN7605, QCS605, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm450sdm632_firmwaresdm450_firmwaresdm632sdx20sdx24sdm439mdm9607_firmwaresc8180x_firmwaresdm429mdm9607apq8017_firmwareqcn7605_firmwareqcs605_firmwaremdm9207c_firmwaresc8180xmdm9206mdm9207csm8150_firmwaresdx24_firmwareapq8096ausdm439_firmwaresda845_firmwareqcn7605mdm9206_firmwareqcs605sdx55msm8953_firmwareapq8053apq8096au_firmwaresdm429_firmwaresm8150sdx20_firmwaresxr1130_firmwaresdx55_firmwareapq8017sxr1130apq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-617
Reachable Assertion
  • Previous
  • 1
  • 2
  • ...
  • 9
  • 10
  • 11
  • ...
  • 46
  • 47
  • Next
Details not found