C V2x 9150 Firmware
CVE-2024-33037
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Primary rating from Vendor (qualcomm) · only source for this CVE.
CVSS VectorVendor: qualcomm
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
AnalysisAI
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-126. Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. Affected products include: Qualcomm C-V2X 9150 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Qam8295P Firmware, Qualcomm Qca6174A Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in C V2x 9150 Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitt
Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability i
Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), th
Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high sev
Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shar
Same weakness CWE-126 – Buffer Over-read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today