Lucene search

QualcommCVE-2024-33054

HistorySep 02, 2024 - 12:15 p.m.

CVE-2024-33054

2024-09-0212:15:18

CWE-787

CWE-120

qualcomm

web.nvd.nist.gov

memory corruption

handshake

virtual machine

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

Affected configurations

Nvd

Node

qualcommfastconnect_6700_firmwareMatch-

AND

qualcommfastconnect_6700Match-

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommfastconnect_7800_firmwareMatch-

AND

qualcommfastconnect_7800Match-

Node

qualcommqcm5430_firmwareMatch-

AND

qualcommqcm5430Match-

Node

qualcommqcm6490_firmwareMatch-

AND

qualcommqcm6490Match-

Node

qualcommqcm8550_firmwareMatch-

AND

qualcommqcm8550Match-

Node

qualcommqcs5430_firmwareMatch-

AND

qualcommqcs5430Match-

Node

qualcommqcs6490_firmwareMatch-

AND

qualcommqcs6490Match-

Node

qualcommqcs8550_firmwareMatch-

AND

qualcommqcs8550Match-

Node

qualcommvideo_collaboration_vc3_firmwareMatch-

AND

qualcommvideo_collaboration_vc3Match-

Node

qualcommsdm429w_firmwareMatch-

AND

qualcommsdm429wMatch-

Node

qualcommsg8275p_firmwareMatch-

AND

qualcommsg8275pMatch-

Node

qualcommsm8550p_firmwareMatch-

AND

qualcommsm8550pMatch-

Node

qualcommsm8635_firmwareMatch-

AND

qualcommsm8635Match-

Node

qualcommsnapdragon_429_mobile_firmwareMatch-

AND

qualcommsnapdragon_429_mobileMatch-

Node

qualcommsnapdragon_8_gen_2_mobile_firmwareMatch-

AND

qualcommsnapdragon_8_gen_2_mobileMatch-

Node

qualcommsnapdragon_8_gen_3_mobile_firmwareMatch-

AND

qualcommsnapdragon_8_gen_3_mobileMatch-

Node

qualcommsnapdragon_8\+_gen_2_mobile_firmwareMatch-

AND

qualcommsnapdragon_8\+_gen_2_mobileMatch-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcd9390_firmwareMatch-

AND

qualcommwcd9390Match-

Node

qualcommwcd9395_firmwareMatch-

AND

qualcommwcd9395Match-

Node

qualcommwcn3620_firmwareMatch-

AND

qualcommwcn3620Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn6755_firmwareMatch-

AND

qualcommwcn6755Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8832_firmwareMatch-

AND

qualcommwsa8832Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

Node

qualcommwsa8840_firmwareMatch-

AND

qualcommwsa8840Match-

Node

qualcommwsa8845_firmwareMatch-

AND

qualcommwsa8845Match-

Node

qualcommwsa8845h_firmwareMatch-

AND

qualcommwsa8845hMatch-

VendorProductVersionCPE
qualcommfastconnect_6700_firmware-cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6700-cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*
qualcommfastconnect_6900_firmware-cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6900-cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
qualcommfastconnect_7800_firmware-cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_7800-cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
qualcommqcm5430_firmware-cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
qualcommqcm5430-cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*
qualcommqcm6490_firmware-cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
qualcommqcm6490-cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	fastconnect_6700_firmware	-	cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:::::::*
qualcomm	fastconnect_6700	-	cpe:2.3:h:qualcomm:fastconnect_6700:-:::::::*
qualcomm	fastconnect_6900_firmware	-	cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::*
qualcomm	fastconnect_6900	-	cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::*
qualcomm	fastconnect_7800_firmware	-	cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::*
qualcomm	fastconnect_7800	-	cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*
qualcomm	qcm5430_firmware	-	cpe:2.3:o:qualcomm:qcm5430_firmware:-:::::::*
qualcomm	qcm5430	-	cpe:2.3:h:qualcomm:qcm5430:-:::::::*
qualcomm	qcm6490_firmware	-	cpe:2.3:o:qualcomm:qcm6490_firmware:-:::::::*
qualcomm	qcm6490	-	cpe:2.3:h:qualcomm:qcm6490:-:::::::*

Rows per page:

1-10 of 661

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Compute",
      "Snapdragon Consumer IOT",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile",
      "Snapdragon Wearables"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FastConnect 6700"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "QCM5430"
      },
      {
        "status": "affected",
        "version": "QCM6490"
      },
      {
        "status": "affected",
        "version": "QCM8550"
      },
      {
        "status": "affected",
        "version": "QCS5430"
      },
      {
        "status": "affected",
        "version": "QCS6490"
      },
      {
        "status": "affected",
        "version": "QCS8550"
      },
      {
        "status": "affected",
        "version": "Qualcomm Video Collaboration VC3 Platform"
      },
      {
        "status": "affected",
        "version": "SDM429W"
      },
      {
        "status": "affected",
        "version": "SG8275P"
      },
      {
        "status": "affected",
        "version": "SM8550P"
      },
      {
        "status": "affected",
        "version": "SM8635"
      },
      {
        "status": "affected",
        "version": "Snapdragon 429 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8 Gen 2 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8 Gen 3 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8+ Gen 2 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "WCD9370"
      },
      {
        "status": "affected",
        "version": "WCD9375"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCD9390"
      },
      {
        "status": "affected",
        "version": "WCD9395"
      },
      {
        "status": "affected",
        "version": "WCN3620"
      },
      {
        "status": "affected",
        "version": "WCN3660B"
      },
      {
        "status": "affected",
        "version": "WCN6755"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8832"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      },
      {
        "status": "affected",
        "version": "WSA8840"
      },
      {
        "status": "affected",
        "version": "WSA8845"
      },
      {
        "status": "affected",
        "version": "WSA8845H"
      }
    ]
  }
]

References

docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.6%

JSON

Related for CVE-2024-33054