CVE-2024-43060
HIGHCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
Analysis
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical Context
This vulnerability is classified under CWE-823. Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware, Qualcomm Qam8295P Firmware, Qualcomm Qca6574Au Firmware.
Affected Products
Qualcomm Ar8035 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware, Qualcomm Qam8295P Firmware, Qualcomm Qca6574Au Firmware.
Remediation
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today