Wcn3680b Firmware@- Security Vulnerabilities and Issues — Page 6 of Wcn3680b Firmware@- CVE List

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

7.8CVSS7.9AI score0.0011EPSS

CVE•added 2024/05/06 3:15 p.m.•61 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2024/06/03 10:15 a.m.•61 views

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.

9.1CVSS9.4AI score0.00095EPSS

CVE•added 2021/02/22 7:15 a.m.•60 views

CVE-2020-11204

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

7.8CVSS7.7AI score0.00039EPSS

CVE•added 2023/06/06 8:15 a.m.•60 views

CVE-2022-33224

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

7.8CVSS7.2AI score0.00036EPSS

CVE•added 2023/07/04 5:15 a.m.•60 views

CVE-2023-21637

Memory corruption in Linux while calling system configuration APIs.

7.8CVSS7AI score0.00029EPSS

CVE•added 2024/12/02 11:15 a.m.•60 views

CVE-2024-33036

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

6.7CVSS6.6AI score0.00018EPSS

CVE•added 2021/01/21 10:15 a.m.•59 views

CVE-2020-11119

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, ...

7.5CVSS7.8AI score0.0026EPSS

CVE•added 2021/03/17 6:15 a.m.•59 views

CVE-2020-11192

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.3AI score0.00396EPSS

CVE•added 2022/09/02 12:15 p.m.•59 views

CVE-2021-35135

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS5.7AI score0.00047EPSS

CVE•added 2023/03/10 9:15 p.m.•59 views

CVE-2022-33260

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

7.8CVSS7AI score0.00032EPSS

CVE•added 2023/06/06 8:15 a.m.•59 views

CVE-2022-33263

Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

7.8CVSS7.3AI score0.00033EPSS

CVE•added 2023/10/03 6:15 a.m.•59 views

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

9.8CVSS9.1AI score0.00126EPSS

CVE•added 2023/12/05 3:15 a.m.•59 views

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/08/08 10:15 a.m.•59 views

CVE-2023-28576

The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to ou...

7CVSS6.5AI score0.00024EPSS

CVE•added 2024/01/02 6:15 a.m.•59 views

CVE-2023-28583

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2023/12/05 3:15 a.m.•59 views

CVE-2023-33070

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.

7.1CVSS5.8AI score0.00054EPSS

CVE•added 2024/02/06 6:16 a.m.•59 views

CVE-2023-33077

Memory corruption in HLOS while converting from authorization token to HIDL vector.

7.8CVSS7.7AI score0.0002EPSS

CVE•added 2022/06/14 10:15 a.m.•58 views

CVE-2021-35072

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.00146EPSS

CVE•added 2022/10/19 11:15 a.m.•58 views

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS7.7AI score0.00276EPSS

CVE•added 2023/01/09 8:15 a.m.•58 views

CVE-2022-33266

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

7.8CVSS7AI score0.00059EPSS

CVE•added 2023/09/05 7:15 a.m.•58 views

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2024/01/02 6:15 a.m.•58 views

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

9.3CVSS7.8AI score0.0006EPSS

CVE•added 2022/12/13 4:15 p.m.•57 views

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.9AI score0.00072EPSS

CVE•added 2022/12/13 4:15 p.m.•57 views

CVE-2022-25697

Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.8AI score0.00044EPSS

CVE•added 2023/08/08 10:15 a.m.•57 views

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

6.5CVSS6.4AI score0.00265EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

CVE•added 2021/03/17 6:15 a.m.•56 views

CVE-2020-11188

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2021/06/09 7:15 a.m.•56 views

CVE-2020-11292

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

7.8CVSS7.9AI score0.00048EPSS

CVE•added 2021/11/12 7:15 a.m.•56 views

CVE-2021-30265

Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

6.7CVSS6.9AI score0.00055EPSS

CVE•added 2022/12/13 4:15 p.m.•56 views

CVE-2022-25695

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

8.4CVSS8AI score0.00058EPSS

CVE•added 2022/12/13 4:15 p.m.•56 views

CVE-2022-25702

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.0019EPSS

CVE•added 2022/10/19 11:15 a.m.•56 views

CVE-2022-25719

Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS9AI score0.00108EPSS

CVE•added 2023/07/04 5:15 a.m.•56 views

CVE-2023-21624

Information disclosure in DSP Services while loading dynamic module.

6.2CVSS5.6AI score0.0004EPSS

CVE•added 2023/08/08 10:15 a.m.•56 views

CVE-2023-21648

Memory corruption in RIL while trying to send apdu packet.

7.8CVSS7.1AI score0.00036EPSS

CVE•added 2024/10/07 1:15 p.m.•56 views

CVE-2024-23375

Memory corruption during the network scan request.

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2024/12/02 11:15 a.m.•56 views

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

8.4CVSS8.6AI score0.00033EPSS

CVE•added 2021/04/07 8:15 a.m.•55 views

CVE-2020-11191

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon ...

9.4CVSS8.9AI score0.00239EPSS

CVE•added 2021/10/20 7:15 a.m.•55 views

CVE-2021-1967

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

5.3CVSS5.7AI score0.0006EPSS

CVE•added 2022/09/02 12:15 p.m.•55 views

CVE-2022-22062

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapd...

9.1CVSS8.9AI score0.00115EPSS

CVE•added 2022/09/16 6:15 a.m.•55 views

CVE-2022-22105

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music

9.8CVSS9.6AI score0.001EPSS

CVE•added 2023/09/05 7:15 a.m.•55 views

CVE-2022-40524

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.

7.8CVSS7.2AI score0.0002EPSS

CVE•added 2023/08/08 10:15 a.m.•55 views

CVE-2023-21627

Memory corruption in Trusted Execution Environment while calling service API with invalid address.

7.8CVSS7.2AI score0.00031EPSS

CVE•added 2023/12/05 3:15 a.m.•55 views

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

7.8CVSS7AI score0.0004EPSS

CVE•added 2023/12/05 3:15 a.m.•55 views

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2022/09/16 6:15 a.m.•54 views

CVE-2022-22091

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.6AI score0.00217EPSS

CVE•added 2023/01/09 8:15 a.m.•54 views

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

7.8CVSS7.1AI score0.0004EPSS

Total number of security vulnerabilities414