Skip to main content

Snapdragon Wear 4100 Platform Firmware

47 CVEs product

Monthly

CVE-2025-27074 HIGH This Month

Memory corruption while processing a GP command response. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Csr8811 Firmware Immersive Home 214 Platform Firmware Immersive Home 216 Platform Firmware +91
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-21482 HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +283
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-45556 MEDIUM This Month

Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 6900 Firmware Fastconnect 7800 Firmware Immersive Home 3210 Platform Firmware Immersive Home 326 Platform Firmware +56
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-45549 HIGH This Month

Information disclosure while creating MQ channels. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sm8550p Firmware Sm8635 Firmware Sm8635p Firmware Sm8650q Firmware +154
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2024-43065 HIGH This Week

Cryptographic issues while generating an asymmetric key pair for RKP use cases. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 7800 Firmware Qam8255p Firmware Qam8295p Firmware Qam8620p Firmware +160
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-43046 MEDIUM This Month

There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +304
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-43052 HIGH This Week

Memory corruption while processing API calls to NPU with invalid input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +85
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33056 HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +319
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33044 HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csrb31024 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38403 MEDIUM PATCH This Month

Transient DOS while parsing BTM ML IE when per STA profile is not included. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +73
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-33032 MEDIUM PATCH This Month

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware Wsa8830 Firmware Wsa8815 Firmware +63
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-23385 MEDIUM PATCH This Month

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +87
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-33016 MEDIUM This Month

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9000 Firmware Qcn9011 Firmware Qcn9012 Firmware Qcn9013 Firmware +327
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2024-23364 HIGH This Week

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +173
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23359 HIGH This Week

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Qcn9024 Firmware Qcs4490 Firmware Qcs5430 Firmware +156
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-23358 HIGH This Week

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware Ar8035 Firmware Fastconnect 7800 Firmware +49
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23353 HIGH This Week

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +243
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21479 HIGH This Week

Transient DOS during music playback of ALAC content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware Wsa8830 Firmware Wsa8815 Firmware +90
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23373 HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Aqt1000 Firmware +218
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-21461 HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware Apq8017 Firmware Apq8037 Firmware +307
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33120 HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware +225
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33114 HIGH PATCH This Week

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +109
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33110 HIGH This Week

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Snapdragon 425 Mobile Platform Firmware Snapdragon 427 Mobile Platform Firmware Snapdragon 429 Mobile Platform Firmware +115
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33033 HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware +256
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2023-33030 CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +289
NVD
CVSS 3.1
9.3
EPSS
0.1%
CVE-2023-28583 MEDIUM This Month

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Qca6420 Firmware Qca6430 Firmware +26
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-33107 HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Apq8064au Firmware +233
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-33070 MEDIUM PATCH This Month

Transient DOS in Automotive OS due to improper authentication to the secure IO calls. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware C V2x 9150 Firmware +98
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-33063 HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Modem Firmware Apq8017 Firmware +278
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-33054 CRITICAL Act Now

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +164
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2023-33024 HIGH This Week

Memory corruption while sending SMS from AP firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Wcn3991 Firmware Wcn3998 Firmware +67
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-33018 HIGH This Week

Memory corruption while using the UIM diag command to get the operators name. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +258
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28551 HIGH This Week

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +238
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28550 HIGH This Week

Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +325
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22668 HIGH PATCH This Week

Memory Corruption in Audio while invoking IOCTLs calls from the user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Aqt1000 Firmware Ar8035 Firmware +53
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22383 HIGH PATCH This Week

Memory Corruption in camera while installing a fd for a particular DMA buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Aqt1000 Firmware C V2x 9150 Firmware +56
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21634 HIGH This Week

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +46
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33059 HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware +255
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-33031 HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +160
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28570 HIGH This Week

Memory corruption while processing audio effects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +79
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28554 MEDIUM PATCH This Month

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Information Disclosure Aqt1000 Firmware Ar9380 Firmware +144
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-24849 HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +233
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24848 HIGH This Week

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +239
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-22385 CRITICAL Act Now

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +235
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-28537 HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Aqt1000 Firmware +180
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21666 HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-21665 HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware Apq8017 Firmware Apq8052 Firmware +216
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 8.8
HIGH This Month

Memory corruption while processing a GP command response. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Csr8811 Firmware +93
NVD
EPSS 0% CVSS 7.1
HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +285
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 6900 Firmware Fastconnect 7800 Firmware +58
NVD
EPSS 0% CVSS 7.7
HIGH This Month

Information disclosure while creating MQ channels. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sm8550p Firmware Sm8635 Firmware +156
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issues while generating an asymmetric key pair for RKP use cases. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 7800 Firmware Qam8255p Firmware +162
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Csr8811 Firmware Csra6620 Firmware +306
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing API calls to NPU with invalid input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware +87
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +321
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +206
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS while parsing BTM ML IE when per STA profile is not included. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +75
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware +65
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware +89
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

memory corruption when an invalid firehose patch command is invoked. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9000 Firmware Qcn9011 Firmware +329
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +175
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Qcn9024 Firmware +158
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware +51
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +245
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS during music playback of ALAC content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware +92
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +220
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while performing finish HMAC operation when context is freed by keymaster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +309
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +227
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Buffer Overflow +111
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Snapdragon 425 Mobile Platform Firmware +117
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware +258
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +291
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +28
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +235
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Transient DOS in Automotive OS due to improper authentication to the secure IO calls. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Aqt1000 Firmware Ar8031 Firmware +100
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +280
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Authentication Bypass 315 5g Iot Modem Firmware +166
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while sending SMS from AP firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +69
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while using the UIM diag command to get the operators name. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +260
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +240
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +327
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Audio while invoking IOCTLs calls from the user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +55
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in camera while installing a fd for a particular DMA buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +58
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Audio while processing the VOC packet data from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +257
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +162
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing audio effects. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +81
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Information Disclosure +146
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +235
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware +241
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +237
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware +182
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Buffer Overflow Wcn3998 Firmware Qca6390 Firmware +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in Graphics while importing a file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow 315 5g Iot Modem Firmware 9206 Lte Modem Firmware +218
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy