Skip to main content

Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware CVE-2024-33065

HIGH
Improper Input Validation (CWE-20)
2024-10-07 product-security@qualcomm.com
8.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.4 HIGH
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 23, 2026 - 16:37 vuln.today
CVE Published
Oct 07, 2024 - 13:15 nvd
HIGH 8.4

DescriptionCVE.org

Memory corruption while taking snapshot when an offset variable is set by camera driver.

AnalysisAI

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Memory corruption while taking snapshot when an offset variable is set by camera driver. Affected products include: Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180X-Ac\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180X-Af\) Firmware, Qualcomm Snapdragon 8Cx Compute Platform \(Sc8180Xp-Ac\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180Xp-Aa\) Firmware, Qualcomm Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180Xp-Ab\) Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-21481 HIGH
8.4 Aug 05

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (

CVE-2024-23359 HIGH
8.2 Sep 02

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated

CVE-2025-21441 HIGH
7.8 Apr 07

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV

CVE-2025-21440 HIGH
7.8 Apr 07

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV

CVE-2025-21438 HIGH
7.8 Apr 07

Memory corruption while IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this v

CVE-2025-21423 HIGH
7.8 Apr 07

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. Rated high severity (CVSS

CVE-2025-21421 HIGH
7.8 Apr 07

Memory corruption while processing escape code in API. Rated high severity (CVSS 7.8), this vulnerability is low attack

CVE-2025-21448 HIGH
7.5 Apr 07

Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remot

CVE-2025-47318 HIGH
7.5 Sep 24

Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this

CVE-2024-23353 HIGH
7.5 Aug 05

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS

CVE-2024-23362 HIGH
7.1 Sep 02

Cryptographic issue while parsing RSA keys in COBR format. Rated high severity (CVSS 7.1), this vulnerability is low att

CVE-2024-33016 MEDIUM
6.8 Sep 02

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerabilit

Share

CVE-2024-33065 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy