Sg8275p Firmware
CVE-2024-53027
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
Transient DOS may occur while processing the country IE.
AnalysisAI
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Affected products include: Qualcomm Qca9367 Firmware, Qualcomm Qca9377 Firmware, Qualcomm Qcc2073 Firmware, Qualcomm Qcc2076 Firmware, Qualcomm Qcc710 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
More in Sg8275p Firmware
View allCryptographic issue occurs due to use of insecure connection method while downloading.
Information disclosure may occur due to improper permission and access controls to Video Analytics engine. Rated high se
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vu
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is
Memory corruption vulnerability in Qualcomm's Virtual Machine (VM) attachment mechanism that occurs when the Host Linux
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption while processing data packets in diag received from Unix clients.
Memory corruption while processing video packets received from video firmware.
CVE-2025-21432 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today