cve-2024-49832
Vulnerability from cvelistv5
Published
2025-02-03 16:51
Modified
2025-02-03 17:34
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Memory corruption in Camera due to unusually high number of nodes passed to AXI port.
References
product-security@qualcomm.comhttps://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.htmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Version: FastConnect 6900
Version: FastConnect 7800
Version: QCS6490
Version: Qualcomm Video Collaboration VC3 Platform
Version: SDM429W
Version: SM8750
Version: SM8750P
Version: Snapdragon 429 Mobile Platform
Version: Snapdragon 8 Gen 1 Mobile Platform
Version: Snapdragon 8 Gen 3 Mobile Platform
Version: WCD9380
Version: WCD9390
Version: WCD9395
Version: WCN3620
Version: WCN3660B
Version: WCN7860
Version: WCN7861
Version: WCN7880
Version: WCN7881
Version: WSA8830
Version: WSA8832
Version: WSA8835
Version: WSA8840
Version: WSA8845
Version: WSA8845H
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-49832",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-03T17:34:07.617489Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-03T17:34:15.547Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               platforms: [
                  "Snapdragon Industrial IOT",
                  "Snapdragon Mobile",
                  "Snapdragon Wearables",
               ],
               product: "Snapdragon",
               vendor: "Qualcomm, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "FastConnect 6900",
                  },
                  {
                     status: "affected",
                     version: "FastConnect 7800",
                  },
                  {
                     status: "affected",
                     version: "QCS6490",
                  },
                  {
                     status: "affected",
                     version: "Qualcomm Video Collaboration VC3 Platform",
                  },
                  {
                     status: "affected",
                     version: "SDM429W",
                  },
                  {
                     status: "affected",
                     version: "SM8750",
                  },
                  {
                     status: "affected",
                     version: "SM8750P",
                  },
                  {
                     status: "affected",
                     version: "Snapdragon 429 Mobile Platform",
                  },
                  {
                     status: "affected",
                     version: "Snapdragon 8 Gen 1 Mobile Platform",
                  },
                  {
                     status: "affected",
                     version: "Snapdragon 8 Gen 3 Mobile Platform",
                  },
                  {
                     status: "affected",
                     version: "WCD9380",
                  },
                  {
                     status: "affected",
                     version: "WCD9390",
                  },
                  {
                     status: "affected",
                     version: "WCD9395",
                  },
                  {
                     status: "affected",
                     version: "WCN3620",
                  },
                  {
                     status: "affected",
                     version: "WCN3660B",
                  },
                  {
                     status: "affected",
                     version: "WCN7860",
                  },
                  {
                     status: "affected",
                     version: "WCN7861",
                  },
                  {
                     status: "affected",
                     version: "WCN7880",
                  },
                  {
                     status: "affected",
                     version: "WCN7881",
                  },
                  {
                     status: "affected",
                     version: "WSA8830",
                  },
                  {
                     status: "affected",
                     version: "WSA8832",
                  },
                  {
                     status: "affected",
                     version: "WSA8835",
                  },
                  {
                     status: "affected",
                     version: "WSA8840",
                  },
                  {
                     status: "affected",
                     version: "WSA8845",
                  },
                  {
                     status: "affected",
                     version: "WSA8845H",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Memory corruption in Camera due to unusually high number of nodes passed to AXI port.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-129",
                     description: "CWE-129 Improper Validation of Array Index",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-03T16:51:33.100Z",
            orgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            shortName: "qualcomm",
         },
         references: [
            {
               url: "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html",
            },
         ],
         title: "Improper Validation of Array Index in Camera",
      },
   },
   cveMetadata: {
      assignerOrgId: "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
      assignerShortName: "qualcomm",
      cveId: "CVE-2024-49832",
      datePublished: "2025-02-03T16:51:33.100Z",
      dateReserved: "2024-10-20T17:18:43.214Z",
      dateUpdated: "2025-02-03T17:34:15.547Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-49832\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2025-02-03T17:15:19.973\",\"lastModified\":\"2025-02-05T16:01:09.627\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory corruption in Camera due to unusually high number of nodes passed to AXI port.\"},{\"lang\":\"es\",\"value\":\"Corrupción de memoria en la cámara debido a un número inusualmente alto de nodos pasados ??al puerto AXI.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-129\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E670F500-9B71-4BBE-B5DA-221D35803C89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638DBC7F-456F-487D-BED2-2214DFF8BEE2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"403AE561-6C9E-49F3-A5D6-C48DDD51D663\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC140F-FC5E-4C88-B777-7F5EBF49A695\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD4946C6-778F-4542-AB77-C9B86AF25C05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1D604A-4530-42B3-80A0-58A82D658DDD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E52771-4FB7-45DB-A349-4DD911F53752\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72F6CE39-9299-4FC3-BC48-11F79034F2E4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84641A8E-A93C-48C1-86AC-193951BA4D78\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74169A4C-0247-4719-887E-BBFB36B04F07\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8ABDBF-BABC-4219-8A18-BDFC8C826B1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8750p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"685D81D0-7E95-4DBA-A05B-7C708A5DFDF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29ED8BE-FB30-4E28-B080-7970BBCF67CF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1C36217-A66F-445C-8B5C-73E6096308DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13AF1A58-3121-4F06-9B13-D7D94A8A10A8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"629264C3-8EA3-475F-88D5-4407691499DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA40FA0B-F9F1-48D4-B68A-ECD7241A5F39\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B00530E-070B-4832-AFF0-535D4A1A6F85\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70292B01-617F-44AD-AF77-1AFC1450523D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA94C6D6-85DB-4031-AAF4-C399019AE16D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"896F1C04-9957-440F-BF01-C3772CC3B3DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90555EB-47A7-4717-92D5-35B561825F06\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"699056F6-1517-4F25-AE07-4FFCF6923B9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4C023D2-6FF5-4FFC-B9F2-895979166580\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99CA230-0694-4898-A06E-9C522CCB86CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62B00662-139A-4E36-98FA-D4F7D101D4AB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB37B5DB-2493-4082-B2BF-60385B7E027C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EB8794F-7998-424E-AF68-E4A4F9310F65\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"799D69CE-3FCC-4B19-8B00-9AF38111D983\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57608D47-894C-4895-B4B3-4733D55D57DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63735D33-9F09-4841-9FE0-0D9AB604BECF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E826F765-4C2E-4319-BBC4-DEB02AAD783F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D765C392-5F38-4E6A-9E88-59629E7A6911\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11B69595-E488-4590-A150-CE5BE08B5E13\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ACAD26E-B79E-4659-91A5-D301281F7D36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80BC68E-7476-4A40-9F48-53722FE9A5BF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B36F4B2-BAA3-45AD-9967-0EB482C99708\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA33DE15-C177-43B3-AD50-FF797753D12E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1A5841-5BCB-4033-ACB9-23F3FCA65309\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B47BF35-3AA0-4667-842E-19B0FE30BF3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A071672-9405-4418-9141-35CEADBB65AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7CF473-8B25-4851-91F2-1BD693CCDC85\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E591F2-8F72-4A5A-9264-2742EB2DABDA\"}]}]}],\"references\":[{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"platforms\": [\"Snapdragon Industrial IOT\", \"Snapdragon Mobile\", \"Snapdragon Wearables\"], \"product\": \"Snapdragon\", \"vendor\": \"Qualcomm, Inc.\", \"versions\": [{\"status\": \"affected\", \"version\": \"FastConnect 6900\"}, {\"status\": \"affected\", \"version\": \"FastConnect 7800\"}, {\"status\": \"affected\", \"version\": \"QCS6490\"}, {\"status\": \"affected\", \"version\": \"Qualcomm Video Collaboration VC3 Platform\"}, {\"status\": \"affected\", \"version\": \"SDM429W\"}, {\"status\": \"affected\", \"version\": \"SM8750\"}, {\"status\": \"affected\", \"version\": \"SM8750P\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 429 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8 Gen 1 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8 Gen 3 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"WCD9380\"}, {\"status\": \"affected\", \"version\": \"WCD9390\"}, {\"status\": \"affected\", \"version\": \"WCD9395\"}, {\"status\": \"affected\", \"version\": \"WCN3620\"}, {\"status\": \"affected\", \"version\": \"WCN3660B\"}, {\"status\": \"affected\", \"version\": \"WCN7860\"}, {\"status\": \"affected\", \"version\": \"WCN7861\"}, {\"status\": \"affected\", \"version\": \"WCN7880\"}, {\"status\": \"affected\", \"version\": \"WCN7881\"}, {\"status\": \"affected\", \"version\": \"WSA8830\"}, {\"status\": \"affected\", \"version\": \"WSA8832\"}, {\"status\": \"affected\", \"version\": \"WSA8835\"}, {\"status\": \"affected\", \"version\": \"WSA8840\"}, {\"status\": \"affected\", \"version\": \"WSA8845\"}, {\"status\": \"affected\", \"version\": \"WSA8845H\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory corruption in Camera due to unusually high number of nodes passed to AXI port.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-129\", \"description\": \"CWE-129 Improper Validation of Array Index\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2025-02-03T16:51:33.100Z\"}, \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html\"}], \"title\": \"Improper Validation of Array Index in Camera\"}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-49832\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-03T17:34:07.617489Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T17:34:11.625Z\"}}]}",
         cveMetadata: "{\"cveId\": \"CVE-2024-49832\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"qualcomm\", \"dateReserved\": \"2024-10-20T17:18:43.214Z\", \"datePublished\": \"2025-02-03T16:51:33.100Z\", \"dateUpdated\": \"2025-02-03T17:34:15.547Z\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.