Qca8085 Firmware Security Vulnerabilities and Issues — Page 2 of Qca8085 Firmware CVE List

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

7.5CVSS7.6AI score0.00187EPSS

CVE•added 2023/09/05 7:15 a.m.•60 views

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in log.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/11/07 6:15 a.m.•60 views

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS7.8AI score0.00054EPSS

CVE•added 2023/12/05 3:15 a.m.•60 views

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

7.5CVSS7.6AI score0.00173EPSS

CVE•added 2024/02/06 6:16 a.m.•60 views

CVE-2023-43523

Transient DOS while processing 11AZ RTT management action frame received through OTA.

7.5CVSS7.5AI score0.00144EPSS

CVE•added 2024/10/07 1:15 p.m.•60 views

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

7.5CVSS7.6AI score0.00163EPSS

CVE•added 2024/09/02 12:15 p.m.•60 views

CVE-2024-33057

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

7.5CVSS7.5AI score0.00264EPSS

CVE•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

7.8CVSS7.8AI score0.00053EPSS

CVE•added 2024/01/02 6:15 a.m.•59 views

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

9.3CVSS7.7AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•59 views

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2023/03/10 9:15 p.m.•58 views

CVE-2022-40527

Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2023/06/06 8:15 a.m.•58 views

CVE-2023-21660

Transient DOS in WLAN Firmware while parsing FT Information Elements.

7.5CVSS7.5AI score0.00158EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

7.5CVSS7.5AI score0.00148EPSS

CVE•added 2022/10/19 11:15 a.m.•57 views

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS7.7AI score0.00259EPSS

CVE•added 2023/06/06 8:15 a.m.•57 views

CVE-2022-40522

Memory corruption in Linux Networking due to double free while handling a hyp-assign.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

7.8CVSS8AI score0.00027EPSS

CVE•added 2023/11/07 6:15 a.m.•57 views

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

7.5CVSS7.6AI score0.00188EPSS

CVE•added 2024/01/02 6:15 a.m.•57 views

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2023/12/05 3:15 a.m.•57 views

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2022/11/15 10:15 a.m.•56 views

CVE-2022-33236

Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.5CVSS7.7AI score0.00158EPSS

CVE•added 2023/12/05 3:15 a.m.•56 views

CVE-2023-33083

Memory corruption in WLAN Host while processing RRM beacon on the AP.

9.8CVSS9.8AI score0.002EPSS

CVE•added 2024/07/01 3:15 p.m.•56 views

CVE-2024-21458

Information disclosure while handling SA query action frame.

7.5CVSS6.6AI score0.00101EPSS

CVE•added 2023/09/05 7:15 a.m.•55 views

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

7.8CVSS7.9AI score0.00045EPSS

CVE•added 2024/03/04 11:15 a.m.•55 views

CVE-2023-43539

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

7.5CVSS7.6AI score0.00254EPSS

CVE•added 2022/11/15 10:15 a.m.•54 views

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.5CVSS7.7AI score0.00123EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

8.2CVSS6.8AI score0.00091EPSS

CVE•added 2023/06/06 8:15 a.m.•54 views

CVE-2022-40525

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

7.1CVSS5.5AI score0.0004EPSS

CVE•added 2023/11/07 6:15 a.m.•54 views

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2023/12/05 3:15 a.m.•54 views

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

7.5CVSS7.6AI score0.00188EPSS

CVE•added 2024/02/06 6:16 a.m.•54 views

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

7.5CVSS7.5AI score0.00145EPSS

CVE•added 2022/12/13 4:15 p.m.•53 views

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...

7.5CVSS7.6AI score0.00145EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

7.5CVSS5.9AI score0.00112EPSS

CVE•added 2024/07/01 3:15 p.m.•53 views

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

7.5CVSS6.6AI score0.00101EPSS

CVE•added 2023/01/09 8:15 a.m.•52 views

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

8.2CVSS6AI score0.00063EPSS

CVE•added 2023/01/09 8:15 a.m.•52 views

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/10/03 6:15 a.m.•52 views

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS7.2AI score0.00032EPSS

CVE•added 2023/09/05 7:15 a.m.•52 views

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

7.8CVSS8AI score0.00033EPSS

CVE•added 2023/12/05 3:15 a.m.•52 views

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

8.4CVSS8.1AI score0.00068EPSS

CVE•added 2023/09/05 7:15 a.m.•51 views

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS8AI score0.00024EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2024/07/01 3:15 p.m.•49 views

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

7.5CVSS6.6AI score0.00101EPSS

CVE•added 2024/10/07 1:15 p.m.•49 views

CVE-2024-38397

Transient DOS while parsing probe response and assoc response frame.

7.5CVSS7.6AI score0.00163EPSS

CVE•added 2023/01/09 8:15 a.m.•48 views

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2023/09/05 7:15 a.m.•47 views

CVE-2023-33016

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

7.5CVSS7.6AI score0.00091EPSS

CVE•added 2024/07/01 3:15 p.m.•47 views

CVE-2024-21482

Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image.

7.8CVSS7.2AI score0.00027EPSS

CVE•added 2022/10/19 11:15 a.m.•46 views

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.5CVSS7.5AI score0.00154EPSS

Total number of security vulnerabilities128