Skip to main content

Snapdragon 8cx Gen 3 Compute Platform Firmware

22 CVEs product

Monthly

CVE-2025-47358 HIGH This Week

Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. [CVSS 7.8 HIGH]

Linux Memory Corruption X2000092 Firmware Snapdragon 8cx Gen 3 Compute Platform Firmware X2000086 Firmware +18
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43050 HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +51
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43049 HIGH This Week

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcc2073 Firmware +15
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33056 HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +319
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33044 HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csrb31024 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38410 HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38409 HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-23357 MEDIUM This Month

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +233
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-43511 HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware +346
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33110 HIGH This Week

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Snapdragon 425 Mobile Platform Firmware Snapdragon 427 Mobile Platform Firmware Snapdragon 429 Mobile Platform Firmware +115
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33109 HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +301
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33062 HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +280
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33037 HIGH This Week

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +76
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-33036 HIGH This Week

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +99
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-33030 CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +289
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-28556 HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28545 HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware Ar8031 Firmware +194
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24852 HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Aqt1000 Firmware +262
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28558 HIGH This Week

Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +191
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28557 HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +269
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28549 HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28548 HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. [CVSS 7.8 HIGH]

Linux Memory Corruption X2000092 Firmware +20
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware +53
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +17
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +321
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +206
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware +24
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +23
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware +235
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +348
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Snapdragon 425 Mobile Platform Firmware +117
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware +303
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +282
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ar8035 Firmware Fastconnect 6200 Firmware +78
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Aqt1000 Firmware +101
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +291
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Cryptographic issue in HLOS during key management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in TZ Secure OS while loading an app ELF. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +196
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Core due to secure memory access by user while loading modem image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass 315 5g Iot Modem Firmware +264
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN handler while processing PhyID in Tx status handler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +193
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +271
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +177
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy