CVE-2024-38414

MEDIUM EPSS 0.8%
Published Feb 3, 20251y ago ยท Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 3, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Information disclosure while processing information on firmware image during core initialization.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
0.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-125 Out-of-bounds Read Memory Safety
CWE-126

Affected Products 58

VendorProductVersionRange
qualcommfastconnect_6900_firmware*any
qualcommfastconnect_6900*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqam8295p_firmware*any
qualcommqam8295p*any
qualcommqca6174a_firmware*any
qualcommqca6174a*any
qualcommqca6574au_firmware*any
qualcommqca6574au*any
qualcommqca6696_firmware*any
qualcommqca6696*any
qualcommsa6145p_firmware*any
qualcommsa6145p*any
qualcommsa6150p_firmware*any
qualcommsa6150p*any
qualcommsa6155p_firmware*any
qualcommsa6155p*any
qualcommsa8145p_firmware*any
qualcommsa8145p*any
qualcommsa8150p_firmware*any
qualcommsa8150p*any
qualcommsa8155p_firmware*any
qualcommsa8155p*any
qualcommsa8195p_firmware*any
qualcommsa8195p*any
qualcommsa8295p_firmware*any
qualcommsa8295p*any
qualcommsa8530p_firmware*any
qualcommsa8530p*any
qualcommsa8540p_firmware*any
qualcommsa8540p*any
qualcommsa9000p_firmware*any
qualcommsa9000p*any
qualcommsnapdragon_8_gen_1_mobile_firmware*any
qualcommsnapdragon_8_gen_1_mobile*any
qualcommsnapdragon_888_5g_mobile_firmware*any
qualcommsnapdragon_888_5g_mobile*any
qualcommsnapdragon_888\+_5g_mobile_firmware*any
qualcommsnapdragon_888\+_5g_mobile*any
qualcommsnapdragon_w5\+_gen_1_wearable_firmware*any
qualcommsnapdragon_w5\+_gen_1_wearable*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommwcd9380_firmware*any
qualcommwcd9380*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn3988_firmware*any
qualcommwcn3988*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html
    PatchVendor Advisory

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html
    PatchVendor Advisory