CVE-2024-43047

HIGH CISA KEV EPSS 47.5%
Published Oct 7, 20241y ago ยท Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Oct 7, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
KEV Listed Oct 8, 2024 1y ago
KEV Due Oct 29, 2024 608d overdue

Description

Memory corruption while maintaining memory maps of HLOS memory.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

CISA Known Exploited Overdue 608d
Added
Oct 8, 2024
Due
Oct 29, 2024

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

EPSS Exploit Probability
47.5% percentile
Exploit & Patch Status
Actively Exploited (KEV)
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 128

VendorProductVersionRange
qualcommfastconnect_6700_firmware*any
qualcommfastconnect_6700*any
qualcommfastconnect_6800_firmware*any
qualcommfastconnect_6800*any
qualcommfastconnect_6900_firmware*any
qualcommfastconnect_6900*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqam8295p_firmware*any
qualcommqam8295p*any
qualcommqca6174a_firmware*any
qualcommqca6174a*any
qualcommqca6391_firmware*any
qualcommqca6391*any
qualcommqca6426_firmware*any
qualcommqca6426*any
qualcommqca6436_firmware*any
qualcommqca6436*any
qualcommqca6574au_firmware*any
qualcommqca6574au*any
qualcommqca6584au_firmware*any
qualcommqca6584au*any
qualcommqca6595_firmware*any
qualcommqca6595*any
qualcommqca6595au_firmware*any
qualcommqca6595au*any
qualcommqca6688aq_firmware*any
qualcommqca6688aq*any
qualcommqca6696_firmware*any
qualcommqca6696*any
qualcommqca6698aq_firmware*any
qualcommqca6698aq*any
qualcommqcs410_firmware*any
qualcommqcs410*any
qualcommqcs610_firmware*any
qualcommqcs610*any
qualcommqcs6490_firmware*any
qualcommqcs6490*any
qualcommvideo_collaboration_vc1_platform_firmware*any
qualcommvideo_collaboration_vc1_platform*any
qualcommvideo_collaboration_vc3_platform_firmware*any
qualcommvideo_collaboration_vc3_platform*any
qualcommsa4150p_firmware*any
qualcommsa4150p*any
qualcommsa4155p_firmware*any
qualcommsa4155p*any
qualcommsa6145p_firmware*any
qualcommsa6145p*any
qualcommsa6150p_firmware*any
qualcommsa6150p*any
qualcommsa6155p_firmware*any
qualcommsa6155p*any
qualcommsa8145p_firmware*any
qualcommsa8145p*any
qualcommsa8150p_firmware*any
qualcommsa8150p*any
qualcommsa8155p_firmware*any
qualcommsa8155p*any
qualcommsa8195p_firmware*any
qualcommsa8195p*any
qualcommsa8295p_firmware*any
qualcommsa8295p*any
qualcommsd660_firmware*any
qualcommsd660*any
qualcommsd865_5g_firmware*any
qualcommsd865_5g*any
qualcommsg4150p_firmware*any
qualcommsg4150p*any
qualcommsnapdragon_660_mobile_firmware*any
qualcommsnapdragon_660_mobile*any
qualcommsnapdragon_680_4g_mobile_firmware*any
qualcommsnapdragon_680_4g_mobile*any
qualcommsnapdragon_685_4g_mobile_firmware*any
qualcommsnapdragon_685_4g_mobile*any
qualcommsnapdragon_8_gen_1_mobile_firmware*any
qualcommsnapdragon_8_gen_1_mobile*any
qualcommsnapdragon_865_5g_mobile_firmware*any
qualcommsnapdragon_865_5g_mobile*any
qualcommsnapdragon_865\+_5g_mobile_firmware*any
qualcommsnapdragon_865\+_5g_mobile*any
qualcommsnapdragon_870_5g_mobile_firmware*any
qualcommsnapdragon_870_5g_mobile*any
qualcommsnapdragon_888_5g_mobile_firmware*any
qualcommsnapdragon_888_5g_mobile*any
qualcommsnapdragon_888\+_5g_mobile_firmware*any
qualcommsnapdragon_888\+_5g_mobile*any
qualcommsnapdragon_auto_5g_modem-rf_firmware*any
qualcommsnapdragon_auto_5g_modem-rf*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2*any
qualcommsnapdragon_x55_5g_modem-rf_firmware*any
qualcommsnapdragon_x55_5g_modem-rf*any
qualcommsnapdragon_xr2_5g_firmware*any
qualcommsnapdragon_xr2_5g*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommsxr2130_firmware*any
qualcommsxr2130*any
qualcommwcd9335_firmware*any
qualcommwcd9335*any
qualcommwcd9341_firmware*any
qualcommwcd9341*any
qualcommwcd9370_firmware*any
qualcommwcd9370*any
qualcommwcd9375_firmware*any
qualcommwcd9375*any
qualcommwcd9380_firmware*any
qualcommwcd9380*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcn3950_firmware*any
qualcommwcn3950*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn3988_firmware*any
qualcommwcn3988*any
qualcommwcn3990_firmware*any
qualcommwcn3990*any
qualcommwsa8810_firmware*any
qualcommwsa8810*any
qualcommwsa8815_firmware*any
qualcommwsa8815*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 2

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
    PatchVendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43047
    US Government Resource

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
    PatchVendor Advisory