Skip to main content

Snapdragon 210 Processor Firmware

11 CVEs product

Monthly

CVE-2025-21487 HIGH This Month

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +222
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-21484 HIGH This Month

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Sm8750 Firmware Sm8750p Firmware Sm8850 Firmware +170
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-21483 CRITICAL This Week

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Fastconnect 6200 Firmware +221
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2024-53026 HIGH This Week

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoLTE and VoWiFi call processing. When a malicious or malformed RTCP (Real-time Transport Control Protocol) packet is received during an active call, the vulnerable system leaks sensitive information to a network-adjacent attacker without requiring authentication or user interaction. The CVSS 8.2 rating reflects high confidentiality impact with partial availability degradation; exploitation likelihood and real-world activity status require cross-referencing with EPSS and KEV data.

Information Disclosure Wcd9335 Firmware Sm7325p Firmware Qcn9274 Firmware Sa6155 Firmware +207
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53021 HIGH This Week

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.

Sm7250p Firmware Vision Intelligence 300 Platform Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs6125 Firmware +198
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53020 HIGH This Week

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that occurs when decoding packets with malformed header extensions. An attacker on the network can send specially crafted RTP packets to trigger memory disclosure, potentially exposing sensitive information while also causing minor availability impact. The vulnerability affects multiple implementations of RTP protocol handling across various media processing frameworks and VoIP applications; while there is no confirmed active KEV status or public exploit code documented, the high CVSS score (8.2) combined with network accessibility (CVSS:3.1/AV:N) indicates significant real-world risk to exposed services.

Information Disclosure 205 Mobile Platform Firmware 215 Mobile Platform Firmware Apq8017 Firmware Apq8064au Firmware +207
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2025-21430 HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware +219
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21429 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21428 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware Ar8031 Firmware C V2x 9150 Firmware +65
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45552 HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +142
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-43066 HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption Csrb31024 Firmware Fastconnect 6200 Firmware +96
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 8.2
HIGH This Month

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8017 Firmware +224
NVD
EPSS 0% CVSS 8.2
HIGH This Month

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Sm8750 Firmware +172
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +223
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoLTE and VoWiFi call processing. When a malicious or malformed RTCP (Real-time Transport Control Protocol) packet is received during an active call, the vulnerable system leaks sensitive information to a network-adjacent attacker without requiring authentication or user interaction. The CVSS 8.2 rating reflects high confidentiality impact with partial availability degradation; exploitation likelihood and real-world activity status require cross-referencing with EPSS and KEV data.

Information Disclosure Wcd9335 Firmware Sm7325p Firmware +209
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.

Sm7250p Firmware Vision Intelligence 300 Platform Firmware Qcn9274 Firmware +200
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that occurs when decoding packets with malformed header extensions. An attacker on the network can send specially crafted RTP packets to trigger memory disclosure, potentially exposing sensitive information while also causing minor availability impact. The vulnerability affects multiple implementations of RTP protocol handling across various media processing frameworks and VoIP applications; while there is no confirmed active KEV status or public exploit code documented, the high CVSS score (8.2) combined with network accessibility (CVSS:3.1/AV:N) indicates significant real-world risk to exposed services.

Information Disclosure 205 Mobile Platform Firmware 215 Mobile Platform Firmware +209
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +221
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware +180
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware +67
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware +144
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +98
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy