Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware
CVE-2024-33065
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory corruption while taking snapshot when an offset variable is set by camera driver.
AnalysisAI
Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Memory corruption while taking snapshot when an offset variable is set by camera driver. Affected products include: Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180X-Ac\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180X-Af\) Firmware, Qualcomm Snapdragon 8Cx Compute Platform \(Sc8180Xp-Ac\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180Xp-Aa\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180Xp-Ab\) Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV
Memory corruption while IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this v
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. Rated high severity (CVSS
Memory corruption while processing escape code in API. Rated high severity (CVSS 7.8), this vulnerability is low attack
Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remot
Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS
Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low att
memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerabilit
Same weakness CWE-20 – Improper Input Validation
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today