CVE-2024-33031

MEDIUM EPSS 1.2%

Published Nov 4, 20241y ago · Modified Jun 17, 20261w ago

6.7 CVSS 3.1

Medium

Published Nov 4, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Memory corruption while processing the update SIM PB records request.

Base Score

6.7

Exploitability

0.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required High

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

EPSS Exploit Probability

1.2% percentile

Exploit & Patch Status

No Known Exploit

Patch Available

CWE-20 Improper Input Validation Validation

Vendor	Product	Version	Range
qualcomm	wcn3660b_firmware	*	any
qualcomm	wcn3660b	*	any
qualcomm	wcn3620_firmware	*	any
qualcomm	wcn3620	*	any
qualcomm	wcd9340_firmware	*	any
qualcomm	wcd9340	*	any
qualcomm	snapdragon_x75_5g_modem-rf_system_firmware	*	any
qualcomm	snapdragon_x75_5g_modem-rf_system	*	any
qualcomm	snapdragon_x72_5g_modem-rf_system_firmware	*	any
qualcomm	snapdragon_x72_5g_modem-rf_system	*	any
qualcomm	snapdragon_429_mobile_platform_firmware	*	any
qualcomm	snapdragon_429_mobile_platform	*	any
qualcomm	sdm429w_firmware	*	any
qualcomm	sdm429w	*	any
qualcomm	qfw7124_firmware	*	any
qualcomm	qfw7124	*	any
qualcomm	qfw7114_firmware	*	any
qualcomm	qfw7114	*	any
qualcomm	qcn6274_firmware	*	any
qualcomm	qcn6274	*	any
qualcomm	qcn6224_firmware	*	any
qualcomm	qcn6224	*	any
qualcomm	qcc710_firmware	*	any
qualcomm	qcc710	*	any
qualcomm	qca8337_firmware	*	any
qualcomm	qca8337	*	any
qualcomm	qca8081_firmware	*	any
qualcomm	qca8081	*	any
qualcomm	fastconnect_7800_firmware	*	any
qualcomm	fastconnect_7800	*	any
qualcomm	ar8035_firmware	*	any
qualcomm	ar8035	*	any

docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

PatchVendor Advisory

docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

PatchVendor Advisory