Fastconnect 7800 Firmware
CVE-2024-21466
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Information disclosure while parsing sub-IE length during new IE generation.
AnalysisAI
Information disclosure while parsing sub-IE length during new IE generation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-191. Information disclosure while parsing sub-IE length during new IE generation. Affected products include: Qualcomm Fastconnect 7800 Firmware, Qualcomm Immersive Home 3210 Platform Firmware, Qualcomm Immersive Home 326 Platform Firmware, Qualcomm Ipq5300 Firmware, Qualcomm Ipq5302 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Fastconnect 7800 Firmware
View allQualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm
A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co
A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Qualcomm Adreno GPU drivers in Chrome contain a use-after-free vulnerability (CVE-2025-27038, CVSS 7.5) enabling memory
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8)
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Rated critical s
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Rated critical severity (CVSS 9.8), this
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received
Same weakness CWE-191 – Integer Underflow
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today