Skip to main content

Snapdragon 855 860 Mobile Platform Sm8150 Ac Firmware CVE-2024-23352

HIGH
Loop with Unreachable Exit Condition (Infinite Loop) (CWE-835)
2024-08-05 product-security@qualcomm.com
Denial Of Service Snapdragon 855 860 Mobile Platform Sm8150 Ac Firmware Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware Wsa8832 Firmware Wsa8830 Firmware Wsa8815 Firmware Wsa8810 Firmware Wcn6740 Firmware Wcn3988 Firmware Wcn3950 Firmware Wcd9395 Firmware Wcd9390 Firmware Wcd9385 Firmware Wcd9380 Firmware Wcd9375 Firmware Wcd9370 Firmware Wcd9360 Firmware Wcd9341 Firmware Wcd9340 Firmware Sxr2130 Firmware Snapdragon Xr2 5g Platform Firmware Snapdragon X75 5g Modem Rf System Firmware Snapdragon X72 5g Modem Rf System Firmware Snapdragon X70 Modem Rf System Firmware Snapdragon X65 5g Modem Rf System Firmware Snapdragon X62 5g Modem Rf System Firmware Snapdragon X55 5g Modem Rf System Firmware Snapdragon X35 5g Modem Rf System Firmware Snapdragon Auto 5g Modem Rf Gen 2 Firmware Snapdragon Auto 5g Modem Rf Firmware Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 888 5g Mobile Platform Firmware Snapdragon 870 5G Mobile Platform Sm8250 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware Snapdragon 865 5g Mobile Platform Firmware Snapdragon 855 Mobile Platform Firmware Snapdragon 8 Gen 2 Mobile Platform Firmware Snapdragon 8 Gen 1 Mobile Platform Firmware Snapdragon 8 Gen 3 Mobile Platform Firmware Snapdragon 7C Gen 3 Compute Firmware Snapdragon 782G Mobile Platform Sm7325 Af Firmware Snapdragon 780g 5g Mobile Platform Firmware Snapdragon 778G 5G Mobile Platform Sm7325 Ae Firmware Snapdragon 778g 5g Mobile Platform Firmware Snapdragon 768G 5G Mobile Platform Sm7250 Ac Firmware Snapdragon 765G 5G Mobile Platform Sm7250 Ab Firmware Snapdragon 765 5G Mobile Platform Sm7250 Aa Firmware Snapdragon 750g 5g Mobile Platform Firmware Snapdragon 695 5g Mobile Platform Firmware Snapdragon 690 5g Mobile Platform Firmware Snapdragon 480 5G Mobile Platform Sm4350 Ac Firmware Snapdragon 480 5g Mobile Platform Firmware Snapdragon 4 Gen 1 Mobile Platform Firmware Sm8550p Firmware Sm7325p Firmware Sm7315 Firmware Sm7250p Firmware Sg8275p Firmware Sdx71m Firmware Sdx57m Firmware Sdx55 Firmware Sd888 Firmware Sd865 5g Firmware Sd855 Firmware Video Collaboration Vc3 Platform Firmware Qfw7124 Firmware Qfw7114 Firmware Qep8111 Firmware Qcs8550 Firmware Qcs6490 Firmware Qcs5430 Firmware Qcs4490 Firmware Qcn9024 Firmware Qcn6274 Firmware Qcn6224 Firmware Qcn6024 Firmware Qcm8550 Firmware Qcm6490 Firmware Qcm5430 Firmware Qcm4490 Firmware Qcc710 Firmware Qca8337 Firmware Qca8081 Firmware Qca6698aq Firmware Qca6696 Firmware Qca6595au Firmware Qca6584au Firmware Qca6574a Firmware Qca6436 Firmware Qca6431 Firmware Qca6426 Firmware Qca6421 Firmware Qca6391 Firmware Qca6174a Firmware Fastconnect 7800 Firmware Fastconnect 6900 Firmware Fastconnect 6800 Firmware Fastconnect 6700 Firmware Fastconnect 6200 Firmware Ar8035 Firmware 315 5g Iot Modem Firmware
7.5
CVSS 3.1 · Vendor: qualcomm
Share

Severity by source

Vendor (qualcomm) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (qualcomm) · only source for this CVE.

CVSS VectorVendor: qualcomm

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 05, 2024 - 15:15 cve.org
HIGH 7.5

DescriptionCVE.org

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

AnalysisAI

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-835. Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. Affected products include: Qualcomm Snapdragon 855\+\/860 Mobile Platform \(Sm8150-Ac\) Firmware, Qualcomm Wsa8845H Firmware, Qualcomm Wsa8845 Firmware, Qualcomm Wsa8840 Firmware, Qualcomm Wsa8835 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-23359 HIGH
8.2 Sep 02

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated

CVE-2024-23356 HIGH
7.8 Aug 05

Memory corruption during session sign renewal request calls in HLOS. Rated high severity (CVSS 7.8), this vulnerability

CVE-2025-21430 HIGH
7.5 Apr 07

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high se

CVE-2025-21429 HIGH
7.5 Apr 07

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5

CVE-2024-23362 HIGH
7.1 Sep 02

Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low att

CVE-2024-33016 MEDIUM
6.8 Sep 02

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerabilit

CVE-2024-45551 MEDIUM
6.2 Apr 07

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verifi

CVE-2024-43046 MEDIUM
5.5 Apr 07

There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this

CVE-2025-27032 HIGH
7.8 Sep 24

memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache

CVE-2025-21487 HIGH
8.2 Sep 24

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is great

CVE-2025-21484 HIGH
8.2 Sep 24

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments f

CVE-2025-21483 CRITICAL
9.8 Sep 24

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. Rated critical se

Share

CVE-2024-23352 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy