Wcn3620 Firmware Security Vulnerabilities and Issues — Wcn3620 Firmware CVE List

Lucene search

QualcommWcn3620 Firmware

165 matches found

CVE•added 2021/06/09 5:15 a.m.•1009 views

CVE-2020-11261

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

7.8CVSS8.4AI score0.00286EPSS

CVE•added 2023/12/05 3:15 a.m.•282 views

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to DSP.

7.8CVSS8.1AI score0.00227EPSS

CVE•added 2022/06/14 10:15 a.m.•217 views

CVE-2022-22065

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wear...

7.8CVSS7.5AI score0.00144EPSS

CVE•added 2022/02/11 11:15 a.m.•111 views

CVE-2021-30323

Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.9AI score0.00085EPSS

CVE•added 2023/06/06 8:15 a.m.•104 views

CVE-2023-21657

Memoru corruption in Audio when ADSP sends input during record use case.

7.8CVSS7.8AI score0.00054EPSS

CVE•added 2021/06/09 5:15 a.m.•103 views

CVE-2020-11239

Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.8CVSS8AI score0.00063EPSS

CVE•added 2022/06/14 10:15 a.m.•102 views

CVE-2022-22064

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2023/06/06 8:15 a.m.•100 views

CVE-2023-21670

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2021/06/09 5:15 a.m.•98 views

CVE-2020-11240

Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snap...

7.8CVSS7.9AI score0.00039EPSS

CVE•added 2021/03/17 6:15 a.m.•97 views

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.5AI score0.0024EPSS

CVE•added 2021/03/17 6:15 a.m.•97 views

CVE-2020-11290

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7CVSS7.2AI score0.00037EPSS

CVE•added 2023/06/06 8:15 a.m.•96 views

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

7.8CVSS7.9AI score0.00053EPSS

CVE•added 2021/07/13 6:15 a.m.•94 views

CVE-2021-1955

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Sn...

7.5CVSS7.5AI score0.00305EPSS

CVE•added 2021/11/12 7:15 a.m.•93 views

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

7.8CVSS7.7AI score0.00041EPSS

CVE•added 2021/06/09 5:15 a.m.•92 views

CVE-2020-11262

A race between command submission and destroying the context can cause an invalid context being added to the list leads to use after free issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7CVSS7.1AI score0.00034EPSS

CVE•added 2024/12/02 11:15 a.m.•92 views

CVE-2024-43048

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

7.8CVSS7.9AI score0.00027EPSS

CVE•added 2021/06/09 5:15 a.m.•90 views

CVE-2020-11250

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

7CVSS7.2AI score0.00029EPSS

CVE•added 2021/02/22 7:15 a.m.•90 views

CVE-2020-11271

Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructur...

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2021/06/09 5:15 a.m.•89 views

CVE-2020-11233

Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

7CVSS6.9AI score0.00026EPSS

CVE•added 2021/02/22 7:15 a.m.•88 views

CVE-2020-11223

Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.6AI score0.00033EPSS

CVE•added 2024/02/06 6:16 a.m.•88 views

CVE-2023-43513

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

7.8CVSS7.7AI score0.00053EPSS

CVE•added 2021/03/17 6:15 a.m.•87 views

CVE-2020-11309

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.00037EPSS

CVE•added 2024/01/02 6:15 a.m.•85 views

CVE-2023-33120

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

7.8CVSS7.9AI score0.00136EPSS

CVE•added 2024/12/02 11:15 a.m.•85 views

CVE-2024-43052

Memory corruption while processing API calls to NPU with invalid input.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2024/12/02 11:15 a.m.•84 views

CVE-2024-33063

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.

7.5CVSS7.6AI score0.00115EPSS

CVE•added 2022/06/14 10:15 a.m.•83 views

CVE-2022-22083

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.7AI score0.00458EPSS

CVE•added 2023/07/04 5:15 a.m.•81 views

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2023/11/07 6:15 a.m.•80 views

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8CVSS7.8AI score0.00062EPSS

CVE•added 2021/02/22 7:15 a.m.•79 views

CVE-2020-11203

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.1CVSS7.2AI score0.00054EPSS

CVE•added 2022/04/01 5:15 a.m.•78 views

CVE-2021-30333

Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.0012EPSS

CVE•added 2022/06/14 10:15 a.m.•78 views

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00338EPSS

CVE•added 2023/02/12 4:15 a.m.•78 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

7.8CVSS8AI score0.00074EPSS

CVE•added 2023/11/07 6:15 a.m.•78 views

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2022/09/16 6:15 a.m.•77 views

CVE-2022-25670

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

7.5CVSS7.5AI score0.00155EPSS

CVE•added 2024/01/02 6:15 a.m.•76 views

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

7.8CVSS6.8AI score0.00085EPSS

CVE•added 2023/04/13 7:15 a.m.•75 views

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

7.8CVSS7.3AI score0.00033EPSS

CVE•added 2022/06/14 10:15 a.m.•73 views

CVE-2021-35100

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00721EPSS

CVE•added 2023/08/08 10:15 a.m.•73 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS

CVE•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/07/04 5:15 a.m.•72 views

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•72 views

CVE-2023-28570

Memory corruption while processing audio effects.

7.8CVSS7.2AI score0.0004EPSS

CVE•added 2023/09/05 7:15 a.m.•72 views

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

7.5CVSS7.5AI score0.00063EPSS

CVE•added 2021/02/22 7:15 a.m.•71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2025/03/03 11:15 a.m.•71 views

CVE-2024-45580

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

7.8CVSS7.6AI score0.00024EPSS

CVE•added 2021/09/09 8:15 a.m.•70 views

CVE-2021-1974

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

7.5CVSS7.7AI score0.00361EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

CVE•added 2024/02/06 6:15 a.m.•69 views

CVE-2023-33065

Information disclosure in Audio while accessing AVCS services from ADSP payload.

7.1CVSS6.8AI score0.00027EPSS

CVE•added 2024/07/01 3:15 p.m.•69 views

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2025/03/03 11:15 a.m.•68 views

CVE-2024-53027

Transient DOS may occur while processing the country IE.

7.5CVSS7.2AI score0.00073EPSS

CVE•added 2022/12/13 4:15 p.m.•67 views

CVE-2022-25692

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.0006EPSS

Total number of security vulnerabilities165