CVE-2024-43060

HIGH EPSS 1.4%
Published Mar 3, 20251y ago ยท Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Mar 3, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
1.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
CWE-823

Affected Products 82

VendorProductVersionRange
qualcommar8035_firmware*any
qualcommar8035*any
qualcommfastconnect_6900_firmware*any
qualcommfastconnect_6900*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqam8295p_firmware*any
qualcommqam8295p*any
qualcommqca6574au_firmware*any
qualcommqca6574au*any
qualcommqca6696_firmware*any
qualcommqca6696*any
qualcommqca8081_firmware*any
qualcommqca8081*any
qualcommqca8337_firmware*any
qualcommqca8337*any
qualcommqca9367_firmware*any
qualcommqca9367*any
qualcommqca9377_firmware*any
qualcommqca9377*any
qualcommqcc710_firmware*any
qualcommqcc710*any
qualcommqcn6224_firmware*any
qualcommqcn6224*any
qualcommqcn6274_firmware*any
qualcommqcn6274*any
qualcommqcs8550_firmware*any
qualcommqcs8550*any
qualcommqfw7114_firmware*any
qualcommqfw7114*any
qualcommqfw7124_firmware*any
qualcommqfw7124*any
qualcommsa6145p_firmware*any
qualcommsa6145p*any
qualcommsa6150p_firmware*any
qualcommsa6150p*any
qualcommsa6155p_firmware*any
qualcommsa6155p*any
qualcommsa8145p_firmware*any
qualcommsa8145p*any
qualcommsa8150p_firmware*any
qualcommsa8150p*any
qualcommsa8155p_firmware*any
qualcommsa8155p*any
qualcommsa8195p_firmware*any
qualcommsa8195p*any
qualcommsa8295p_firmware*any
qualcommsa8295p*any
qualcommsa8530p_firmware*any
qualcommsa8530p*any
qualcommsa8540p_firmware*any
qualcommsa8540p*any
qualcommsa9000p_firmware*any
qualcommsa9000p*any
qualcommsdm429w_firmware*any
qualcommsdm429w*any
qualcommsnapdragon_429_firmware*any
qualcommsnapdragon_429*any
qualcommsnapdragon_x72_5g_firmware*any
qualcommsnapdragon_x72_5g*any
qualcommsnapdragon_x75_5g_firmware*any
qualcommsnapdragon_x75_5g*any
qualcommsxr2230p_firmware*any
qualcommsxr2230p*any
qualcommsxr2250p_firmware*any
qualcommsxr2250p*any
qualcommwcd9340_firmware*any
qualcommwcd9340*any
qualcommwcd9380_firmware*any
qualcommwcd9380*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcn3620_firmware*any
qualcommwcn3620*any
qualcommwcn3660b_firmware*any
qualcommwcn3660b*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8832_firmware*any
qualcommwsa8832*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html
    PatchVendor Advisory

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html
    PatchVendor Advisory