CVE-2024-38404

HIGH EPSS 14.0%
Published Feb 3, 20251y ago ยท Modified Jun 17, 20262w ago
7.5 CVSS 3.1
High
Find Similar
Published Feb 3, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

CVSS Details

Base Score
7.5
Exploitability
3.9
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-125 Out-of-bounds Read Memory Safety
CWE-126

Affected Products 80

VendorProductVersionRange
qualcommar8035_firmware*any
qualcommar8035*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqca6584au_firmware*any
qualcommqca6584au*any
qualcommqca6698aq_firmware*any
qualcommqca6698aq*any
qualcommqca8081_firmware*any
qualcommqca8081*any
qualcommqca8337_firmware*any
qualcommqca8337*any
qualcommqcc710_firmware*any
qualcommqcc710*any
qualcommqcn6224_firmware*any
qualcommqcn6224*any
qualcommqcn6274_firmware*any
qualcommqcn6274*any
qualcommqfw7114_firmware*any
qualcommqfw7114*any
qualcommqfw7124_firmware*any
qualcommqfw7124*any
qualcommsdm429w_firmware*any
qualcommsdm429w*any
qualcommsdx80m_firmware*any
qualcommsdx80m*any
qualcommsm7675_firmware*any
qualcommsm7675*any
qualcommsm7675p_firmware*any
qualcommsm7675p*any
qualcommsm8635_firmware*any
qualcommsm8635*any
qualcommsm8635p_firmware*any
qualcommsm8635p*any
qualcommsnapdragon_429_mobile_firmware*any
qualcommsnapdragon_429_mobile*any
qualcommsnapdragon_8_gen_3_mobile_firmware*any
qualcommsnapdragon_8_gen_3_mobile*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2*any
qualcommsnapdragon_wear_4100\+_firmware*any
qualcommsnapdragon_wear_4100\+*any
qualcommsnapdragon_x72_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x72_5g_modem-rf_system*any
qualcommsnapdragon_x75_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x75_5g_modem-rf_system*any
qualcommwcd9340_firmware*any
qualcommwcd9340*any
qualcommwcd9370_firmware*any
qualcommwcd9370*any
qualcommwcd9375_firmware*any
qualcommwcd9375*any
qualcommwcd9390_firmware*any
qualcommwcd9390*any
qualcommwcd9395_firmware*any
qualcommwcd9395*any
qualcommwcn3610_firmware*any
qualcommwcn3610*any
qualcommwcn3620_firmware*any
qualcommwcn3620*any
qualcommwcn3660b_firmware*any
qualcommwcn3660b*any
qualcommwcn3680b_firmware*any
qualcommwcn3680b*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn6755_firmware*any
qualcommwcn6755*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8832_firmware*any
qualcommwsa8832*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any
qualcommwsa8840_firmware*any
qualcommwsa8840*any
qualcommwsa8845_firmware*any
qualcommwsa8845*any
qualcommwsa8845h_firmware*any
qualcommwsa8845h*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.