CVE-2024-45563

MEDIUM
2025-05-06 [email protected]
6.6
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 18:40 vuln.today
Patch Released
Mar 28, 2026 - 18:40 nvd
Patch available
CVE Published
May 06, 2025 - 09:15 nvd
MEDIUM 6.6

Tags

Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sdm429w Firmware Snapdragon 429 Mobile Firmware Snapdragon 8 Gen 1 Mobile Firmware Sxr2230p Firmware Sxr2250p Firmware Wcd9380 Firmware Wcd9385 Firmware Wcn3620 Firmware Wcn3660b Firmware Wsa8830 Firmware Wsa8832 Firmware Wsa8835 Firmware

Description

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session.

Analysis

Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Technical Context

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session. Affected products include: Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware, Qualcomm Sdm429W Firmware, Qualcomm Snapdragon 429 Mobile Firmware, Qualcomm Snapdragon 8 Gen 1 Mobile Firmware.

Affected Products

Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware, Qualcomm Sdm429W Firmware, Qualcomm Snapdragon 429 Mobile Firmware, Qualcomm Snapdragon 8 Gen 1 Mobile Firmware.

Remediation

A vendor patch is available. Apply the latest security update as soon as possible. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

Priority Score

33
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +33
POC: 0

Share

CVE-2024-45563 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy