Ipq5028 Firmware Security Vulnerabilities and Issues — Page 3 of Ipq5028 Firmware CVE List

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & M...

9CVSS7.4AI score0.00045EPSS

CVE•added 2023/09/05 7:15 a.m.•55 views

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

7.8CVSS7.9AI score0.00045EPSS

CVE•added 2024/03/04 11:15 a.m.•55 views

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

7.5CVSS7.6AI score0.00254EPSS

CVE•added 2022/10/19 11:15 a.m.•54 views

CVE-2022-25719

Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS9AI score0.00101EPSS

CVE•added 2022/11/15 10:15 a.m.•54 views

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.5CVSS7.7AI score0.00123EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

8.2CVSS6.8AI score0.00091EPSS

CVE•added 2023/09/05 7:15 a.m.•54 views

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/11/07 6:15 a.m.•54 views

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2023/12/05 3:15 a.m.•54 views

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

7.5CVSS7.6AI score0.00188EPSS

CVE•added 2024/02/06 6:16 a.m.•54 views

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

7.5CVSS7.5AI score0.00145EPSS

CVE•added 2022/12/13 4:15 p.m.•53 views

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...

7.5CVSS7.6AI score0.00145EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

7.5CVSS5.9AI score0.00112EPSS

CVE•added 2023/09/05 7:15 a.m.•53 views

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

7.5CVSS7.5AI score0.00071EPSS

CVE•added 2023/01/09 8:15 a.m.•52 views

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

8.2CVSS6AI score0.00063EPSS

CVE•added 2023/01/09 8:15 a.m.•52 views

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/10/03 6:15 a.m.•52 views

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS7.2AI score0.00032EPSS

CVE•added 2023/09/05 7:15 a.m.•52 views

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

7.8CVSS8AI score0.00033EPSS

CVE•added 2023/12/05 3:15 a.m.•52 views

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

8.4CVSS8.1AI score0.00068EPSS

CVE•added 2022/06/14 10:15 a.m.•51 views

CVE-2021-35129

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS8AI score0.00111EPSS

CVE•added 2023/09/05 7:15 a.m.•51 views

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS8AI score0.00024EPSS

CVE•added 2022/11/15 10:15 a.m.•50 views

CVE-2022-25667

Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking

7.5CVSS7.4AI score0.00156EPSS

CVE•added 2022/12/13 4:15 p.m.•50 views

CVE-2022-25677

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

7.8CVSS8AI score0.00032EPSS

CVE•added 2023/01/09 8:15 a.m.•49 views

CVE-2022-25722

Information exposure in DSP services due to improper handling of freeing memory

6CVSS5.5AI score0.00031EPSS

CVE•added 2024/07/01 3:15 p.m.•49 views

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

7.5CVSS6.6AI score0.00101EPSS

CVE•added 2021/10/20 7:15 a.m.•48 views

CVE-2021-30288

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon M...

8.4CVSS7.4AI score0.00035EPSS

CVE•added 2022/10/19 11:15 a.m.•47 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.0004EPSS

CVE•added 2023/09/05 7:15 a.m.•47 views

CVE-2023-33016

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

7.5CVSS7.6AI score0.00091EPSS

CVE•added 2024/07/01 3:15 p.m.•47 views

CVE-2024-21482

Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image.

7.8CVSS7.2AI score0.00027EPSS

CVE•added 2022/10/19 11:15 a.m.•46 views

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.5CVSS7.5AI score0.00154EPSS

CVE•added 2023/12/05 3:15 a.m.•46 views

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2023/12/05 3:15 a.m.•46 views

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

7.5CVSS7.7AI score0.00222EPSS

CVE•added 2024/12/02 11:15 a.m.•46 views

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

8.4CVSS8.6AI score0.00027EPSS

CVE•added 2024/08/05 3:15 p.m.•45 views

CVE-2024-33013

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

7.5CVSS7.6AI score0.00189EPSS

CVE•added 2022/01/03 8:15 a.m.•44 views

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, ...

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2022/09/16 6:15 a.m.•44 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking

9CVSS7.7AI score0.00065EPSS

CVE•added 2023/01/09 8:15 a.m.•44 views

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

7.5CVSS6.7AI score0.00123EPSS

CVE•added 2022/01/03 8:15 a.m.•43 views

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.8CVSS8AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•43 views

CVE-2024-33026

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/10/07 1:15 p.m.•43 views

CVE-2024-33073

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

8.2CVSS8.2AI score0.00156EPSS

CVE•added 2021/09/09 8:15 a.m.•42 views

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•41 views

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5CVSS6.8AI score0.00294EPSS

CVE•added 2022/01/03 8:15 a.m.•40 views

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & ...

7.8CVSS7.6AI score0.00031EPSS

CVE•added 2022/01/13 12:15 p.m.•40 views

CVE-2021-30313

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

6.7CVSS6.8AI score0.00076EPSS

CVE•added 2024/08/05 3:15 p.m.•40 views

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2021/09/17 7:15 a.m.•39 views

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

8.4CVSS8AI score0.00054EPSS

Total number of security vulnerabilities166