Wcd9385 Firmware
CVE-2024-49845
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory corruption during the FRS UDS generation process.
AnalysisAI
Memory corruption during the FRS UDS generation process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Affected products include: Qualcomm Wcd9385 Firmware, Qualcomm Wcd9390 Firmware, Qualcomm Wcd9395 Firmware, Qualcomm Wcn3950 Firmware, Qualcomm Wcn3988 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Wcd9385 Firmware
View allQualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm
A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co
A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Qualcomm Adreno GPU drivers in Chrome contain a use-after-free vulnerability (CVE-2025-27038, CVSS 7.5) enabling memory
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerabi
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical seve
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. Rated critical severity
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln
Memory corruption in Modem while processing security related configuration before AS Security Exchange. Rated critical s
Same weakness CWE-20 – Improper Input Validation
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today