Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2026-04843

Опубликовано: 07 окт. 2024
Источник: fstec
CVSS3: 8.2
CVSS2: 8.5
EPSS Низкий

Описание

Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию

Вендор

Qualcomm Technologies Inc.

Наименование ПО

WCD9380
WSA8830
WSA8835
MSM8909W
SD660
SD835
Snapdragon 429 Mobile Platform
Snapdragon 835 Mobile PC Platform
Snapdragon 865 5G Mobile Platform
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
Snapdragon 870 5G Mobile Platform (SM8250-AC)
Snapdragon W5+ Gen 1 Wearable Platform
Snapdragon X55 5G Modem-RF System
Snapdragon XR2 5G Platform
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 460 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 662 Mobile Platform
Snapdragon 680 4G Mobile Platform
Snapdragon 685 4G Mobile Platform (SM6225-AD)
Snapdragon 695 5G Mobile Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 845 Mobile Platform
Qualcomm® Video Collaboration VC1 Platform
Qualcomm® Video Collaboration VC3 Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
SA4155P
SA8770P
QCA6564AU
QCA6574
QCA6574A
QCA6574AU
SD626
Snapdragon 8 Gen 3 Mobile Platform
Snapdragon XR1 Platform
SXR1120
Vision Intelligence 100 Platform (APQ8053-AA)
Vision Intelligence 200 Platform (APQ8053-AC)
SA4150P
SA8775P
MSM8108
MSM8209
MSM8608
Snapdragon 208 Processor
Snapdragon Wear 2100 Platform
Snapdragon Wear 2500 Platform
Snapdragon Wear 3100 Platform
QAM8620P
SA7775P
SA8620P
SA8650P
SM6370
SRV1H
SRV1L
SRV1M
FastConnect 6700
FastConnect 6900
FastConnect 7800
WCD9370
WCD9390
WCD9395
WCN3950
WSA8810
WSA8815
WSA8840
WSA8845
WSA8845H
QAM8255P
QAM8295P
QAM8650P
QAM8775P
QAMSRV1H
QAMSRV1M
QCA6595
QCA6595AU
QCA6696
QCA6698AQ
QCA6797AQ
QCM6490
QCS410
QCS610
QCS6490
SA6155P
SA7255P
SA8155P
SA8195P
SA8255P
SA8295P
SA9000P
SM8550P
WCD9340
WCD9341
WCD9375
WCD9385
WCN3980
WCN3988
FastConnect 6200
FastConnect 6800
QCA6391
QCA6426
QCA6436
QCM6125
QCS6125
SA6145P
SA6150P
SA6155
SA8145P
SA8150P
SA8155
SD865 5G
SDM429W
SG4150P
SM4125
Smart Display 200 Platform (APQ5053-AA)
Snapdragon 625 Mobile Platform
Snapdragon 626 Mobile Platform
SW5100
SW5100P
SXR2130
WCD9326
WCD9335
WCN3610
WCN3615
WCN3620
WCN3660B
WCN3680B
WCN3910
WCN3990
APQ8064AU
Robotics RB3 Platform
Smart Audio 200 Platform
Snapdragon 660 Mobile Platform
Snapdragon 820 Automotive Platform
Vision Intelligence 400 Platform
QCA6310
QCA6335
QCA6564A
MSM8996AU
QCA6320
QCA6564
Snapdragon 210 Processor
Snapdragon 212 Mobile Platform
Qualcomm 215 Mobile Platform
Qualcomm 205 Mobile Platform

Версия ПО

- (WCD9380)
- (WSA8830)
- (WSA8835)
- (MSM8909W)
- (SD660)
- (SD835)
- (Snapdragon 429 Mobile Platform)
- (Snapdragon 835 Mobile PC Platform)
- (Snapdragon 865 5G Mobile Platform)
- (Snapdragon 865+ 5G Mobile Platform (SM8250-AB))
- (Snapdragon 870 5G Mobile Platform (SM8250-AC))
- (Snapdragon W5+ Gen 1 Wearable Platform)
- (Snapdragon X55 5G Modem-RF System)
- (Snapdragon XR2 5G Platform)
- (Snapdragon 4 Gen 1 Mobile Platform)
- (Snapdragon 460 Mobile Platform)
- (Snapdragon 480 5G Mobile Platform)
- (Snapdragon 480+ 5G Mobile Platform (SM4350-AC))
- (Snapdragon 662 Mobile Platform)
- (Snapdragon 680 4G Mobile Platform)
- (Snapdragon 685 4G Mobile Platform (SM6225-AD))
- (Snapdragon 695 5G Mobile Platform)
- (Snapdragon 8+ Gen 1 Mobile Platform)
- (Snapdragon 845 Mobile Platform)
- (Qualcomm® Video Collaboration VC1 Platform)
- (Qualcomm® Video Collaboration VC3 Platform)
- (Snapdragon 8 Gen 2 Mobile Platform)
- (Snapdragon 8+ Gen 2 Mobile Platform)
- (SA4155P)
- (SA8770P)
- (QCA6564AU)
- (QCA6574)
- (QCA6574A)
- (QCA6574AU)
- (SD626)
- (Snapdragon 8 Gen 3 Mobile Platform)
- (Snapdragon XR1 Platform)
- (SXR1120)
- (Vision Intelligence 100 Platform (APQ8053-AA))
- (Vision Intelligence 200 Platform (APQ8053-AC))
- (SA4150P)
- (SA8775P)
- (MSM8108)
- (MSM8209)
- (MSM8608)
- (Snapdragon 208 Processor)
- (Snapdragon Wear 2100 Platform)
- (Snapdragon Wear 2500 Platform)
- (Snapdragon Wear 3100 Platform)
- (QAM8620P)
- (SA7775P)
- (SA8620P)
- (SA8650P)
- (SM6370)
- (SRV1H)
- (SRV1L)
- (SRV1M)
- (FastConnect 6700)
- (FastConnect 6900)
- (FastConnect 7800)
- (WCD9370)
- (WCD9390)
- (WCD9395)
- (WCN3950)
- (WSA8810)
- (WSA8815)
- (WSA8840)
- (WSA8845)
- (WSA8845H)
- (QAM8255P)
- (QAM8295P)
- (QAM8650P)
- (QAM8775P)
- (QAMSRV1H)
- (QAMSRV1M)
- (QCA6595)
- (QCA6595AU)
- (QCA6696)
- (QCA6698AQ)
- (QCA6797AQ)
- (QCM6490)
- (QCS410)
- (QCS610)
- (QCS6490)
- (SA6155P)
- (SA7255P)
- (SA8155P)
- (SA8195P)
- (SA8255P)
- (SA8295P)
- (SA9000P)
- (SM8550P)
- (WCD9340)
- (WCD9341)
- (WCD9375)
- (WCD9385)
- (WCN3980)
- (WCN3988)
- (FastConnect 6200)
- (FastConnect 6800)
- (QCA6391)
- (QCA6426)
- (QCA6436)
- (QCM6125)
- (QCS6125)
- (SA6145P)
- (SA6150P)
- (SA6155)
- (SA8145P)
- (SA8150P)
- (SA8155)
- (SD865 5G)
- (SDM429W)
- (SG4150P)
- (SM4125)
- (Smart Display 200 Platform (APQ5053-AA))
- (Snapdragon 625 Mobile Platform)
- (Snapdragon 626 Mobile Platform)
- (SW5100)
- (SW5100P)
- (SXR2130)
- (WCD9326)
- (WCD9335)
- (WCN3610)
- (WCN3615)
- (WCN3620)
- (WCN3660B)
- (WCN3680B)
- (WCN3910)
- (WCN3990)
- (APQ8064AU)
- (Robotics RB3 Platform)
- (Smart Audio 200 Platform)
- (Snapdragon 660 Mobile Platform)
- (Snapdragon 820 Automotive Platform)
- (Vision Intelligence 400 Platform)
- (QCA6310)
- (QCA6335)
- (QCA6564A)
- (MSM8996AU)
- (QCA6320)
- (QCA6564)
- (Snapdragon 210 Processor)
- (Snapdragon 212 Mobile Platform)
- (Qualcomm 215 Mobile Platform)
- (Qualcomm 205 Mobile Platform)

Тип ПО

Микропрограммный код
Сетевое средство

Операционные системы и аппаратные платформы

-

Уровень опасности уязвимости

Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 8,5)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 8,2)

Возможные меры по устранению уязвимости

Использование рекомендаций:
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 56%
0.00324
Низкий

8.2 High

CVSS3

8.5 High

CVSS2

Связанные уязвимости

nvd логотип

CVE-2024-45552

CVSS3: 8.2
nvd
около 1 года назад

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.

github логотип

GHSA-xpwg-v658-286m

CVSS3: 8.2
github
около 1 года назад

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.

EPSS

Процентиль: 56%
0.00324
Низкий

8.2 High

CVSS3

8.5 High

CVSS2