CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Description
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
Analysis
Network-based information disclosure in RTP (Real-time Transport Protocol) header decoding. The 4-bit CC (CSRC count) field of the fixed header declares how many 32-bit contributing-source identifiers follow it; a decoder that trusts that count without checking it against the length of the packet actually received reads past the end of the datagram and returns adjacent memory as if it were part of the header. The bug is reachable by any peer that can deliver RTP to the affected decoder, with no authentication or user interaction, which is why the entry scores 8.2 (network attack vector, high confidentiality impact, low availability impact). No patch availability, KEV status, EPSS score, or active exploitation details are documented on this page.
Technical Context
RTP (RFC 3550) carries real-time audio and video over IP. Its fixed header is 12 bytes: version, padding bit, extension bit and CC in the first byte, marker bit and payload type in the second, then a 16-bit sequence number, a 32-bit timestamp and a 32-bit SSRC. CC is four bits wide, so a packet may declare 0 to 15 CSRC entries of four bytes each, giving a header of 12 to 72 bytes before any header extension and the payload. A decoder must therefore verify that the received length is at least 12 + 4*CC before dereferencing the CSRC list, and, if the X bit is set, re-check the length after reading the extension length word. CWE-126 (Buffer Over-read), the weakness assigned to this entry, matches a decoder that skips that check: it reads up to 60 bytes of whatever lies beyond the datagram in memory and hands those bytes back as CSRC values, which may then be logged, echoed in RTCP reports, or otherwise exposed to the sender. The page carries no vendor or CPE data, so the specific decoder is not identified here; the pattern can appear in any RTP implementation, from general-purpose media libraries to embedded media stacks that parse the header without bounds-checking the CC field.
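The check described above, written out as an added example that is not code from this page or from any vendor's RTP stack. It shows the vulnerable pattern (fixed header validated, CSRC list trusted) next to a hardened parser that bounds-checks the CSRC list, the header extension and the padding byte; the same hardened function is what a packet filter would run to reject malformed packets under the remediation below. The struct, function and constant names, and the two sample packets, are this example's own constructions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RTP_FIXED_HDR_LEN 12u  /* V/P/X/CC, M/PT, seq, timestamp, SSRC */
#define RTP_CSRC_LEN       4u  /* each CSRC identifier is 32 bits */
#define RTP_MAX_CSRC      15u  /* CC is a 4-bit field: 0..15 entries */

struct rtp_hdr {
    uint8_t  version, padding, extension, cc, marker, pt;
    uint16_t seq;
    uint32_t ts, ssrc;
    uint32_t csrc[RTP_MAX_CSRC];
    size_t   payload_off;      /* first payload byte, after CSRC list and any extension */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Decode the 12-byte fixed header; the caller has already checked len >= 12. */
static void rtp_fill_fixed(const uint8_t *pkt, struct rtp_hdr *h) {
    memset(h, 0, sizeof *h);
    h->version   = pkt[0] >> 6;
    h->padding   = (pkt[0] >> 5) & 1;
    h->extension = (pkt[0] >> 4) & 1;
    h->cc        = pkt[0] & 0x0F;
    h->marker    = pkt[1] >> 7;
    h->pt        = pkt[1] & 0x7F;
    h->seq       = rd16(pkt + 2);
    h->ts        = rd32(pkt + 4);
    h->ssrc      = rd32(pkt + 8);
}

/* Vulnerable pattern (CWE-126): validates only the fixed header, then trusts
 * CC and walks the CSRC list, reading up to 60 bytes beyond `len`. */
int rtp_parse_unchecked(const uint8_t *pkt, size_t len, struct rtp_hdr *h) {
    if (len < RTP_FIXED_HDR_LEN) return -1;
    rtp_fill_fixed(pkt, h);
    for (unsigned i = 0; i < h->cc; i++)           /* no check that len covers these */
        h->csrc[i] = rd32(pkt + RTP_FIXED_HDR_LEN + RTP_CSRC_LEN * i);
    h->payload_off = RTP_FIXED_HDR_LEN + RTP_CSRC_LEN * h->cc;
    return 0;
}

/* Hardened: every variable-length region is checked against `len` before it
 * is read. Returns 0 on success, -1 on a malformed packet. */
int rtp_parse_checked(const uint8_t *pkt, size_t len, struct rtp_hdr *h) {
    if (len < RTP_FIXED_HDR_LEN) return -1;
    rtp_fill_fixed(pkt, h);
    if (h->version != 2) return -1;
    size_t need = RTP_FIXED_HDR_LEN + RTP_CSRC_LEN * (size_t)h->cc;
    if (len < need) return -1;                      /* the missing check in this bug class */
    for (unsigned i = 0; i < h->cc; i++)
        h->csrc[i] = rd32(pkt + RTP_FIXED_HDR_LEN + RTP_CSRC_LEN * i);
    if (h->extension) {                             /* RFC 3550 section 5.3.1 */
        if (len < need + 4) return -1;
        size_t ext_words = rd16(pkt + need + 2);    /* extension length in 32-bit words */
        need += 4 + 4 * ext_words;
        if (len < need) return -1;
    }
    if (h->padding) {                               /* RFC 3550 section 5.1: last byte = pad count */
        uint8_t pad = pkt[len - 1];
        if (pad == 0 || pad > len - need) return -1;
    }
    h->payload_off = need;
    return 0;
}

/* Constructed sample 1: a 12-byte packet whose first byte 0x83 (V=2, CC=3)
 * promises three CSRCs that are not present. It is placed in a larger buffer
 * filled with 0x41 to stand in for whatever follows the datagram in memory. */
static const uint8_t short_pkt[RTP_FIXED_HDR_LEN] =
    { 0x83, 0x60, 0x00, 0x01, 0x00, 0x00, 0x00, 0x10, 0xde, 0xad, 0xbe, 0xef };

uint32_t demo_leaked_csrc(void) {
    uint8_t buf[64];
    struct rtp_hdr h;
    memset(buf, 0x41, sizeof buf);
    memcpy(buf, short_pkt, sizeof short_pkt);
    rtp_parse_unchecked(buf, sizeof short_pkt, &h);
    return h.csrc[0];                /* 0x41414141: bytes that were never part of the packet */
}

int demo_short_rejected(void) {
    struct rtp_hdr h;
    return rtp_parse_checked(short_pkt, sizeof short_pkt, &h);   /* -1 */
}

/* Constructed sample 2: well-formed packet with CC=2, a one-word header
 * extension (profile 0xBEDE, length 1) and two payload bytes. */
static const uint8_t good_pkt[] = {
    0x92, 0x60, 0x00, 0x02, 0x00, 0x00, 0x00, 0x20, 0x11, 0x22, 0x33, 0x44,
    0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,     /* CSRC list */
    0xbe, 0xde, 0x00, 0x01, 0x10, 0x00, 0x00, 0x00,     /* extension: 4-byte header + 1 word */
    0x01, 0x02                                          /* payload */
};

long demo_valid_payload_off(void) {
    struct rtp_hdr h;
    if (rtp_parse_checked(good_pkt, sizeof good_pkt, &h) != 0) return -1;
    return (long)h.payload_off;      /* 28 */
}
```

The unchecked parser "succeeds" on the 12-byte packet and reports three CSRCs made of bytes it had no right to read; in a real decoder those values end up in state that is later serialized (RTCP source descriptions, logs, mixer output), which is the disclosure path. The checked parser rejects the same packet before any out-of-bounds access and still accepts a legitimate packet with CSRCs and a header extension.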
Affected Products
This entry carries no CPE data, so the affected product and version range are not identified here. The list below is therefore a checklist of widely deployed RTP-parsing software to inventory and verify against its own advisories, not a statement that any of it is affected by CVE-2024-53019: (1) FFmpeg libavformat RTP demuxer; (2) GStreamer RTP plugins; (3) PJSIP; (4) Kurento media server; (5) Asterisk PBX; (6) custom or proprietary RTP implementations, including those in embedded devices. Affected versions depend on where the fix was merged; consult the issuing vendor's advisory for the authoritative product and version list, and check the security pages of any RTP-capable software in use (VoIP clients, conferencing platforms, streaming servers, media gateways).
Remediation
Remediation requires: (1) Immediate action: identify all systems that decode RTP (VoIP servers and clients, conferencing platforms, media gateways, video surveillance systems); (2) Patch/Update: apply vendor security updates to RTP libraries and applications as they become available, checking the FFmpeg, GStreamer, PJSIP, Asterisk and Kurento project pages and the issuing vendor's advisory for CVE-2024-53019 fixes; (3) Temporary mitigation: where a media-aware filter or SBC sits in the path, drop RTP packets whose length is shorter than 12 + 4*CC bytes (or whose header extension length overruns the packet), and restrict RTP to trusted sources; (4) Workaround: if patching is delayed, disable RTP decoding where the feature is not needed, or front vulnerable hosts with an appliance whose firmware has been updated; (5) Validation: after patching, test RTP functionality end-to-end (including streams with CSRC lists and header extensions) to confirm there is no regression. Monitor NIST NVD and vendor security pages for patch release timelines.
EUVD-2024-54634