CVE-2024-49846

CRITICAL EPSS 14.0%
Published May 6, 20251y ago ยท Modified Jun 17, 20262w ago
9.1 CVSS 3.1
Critical
Find Similar
Published May 6, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Memory corruption while decoding of OTA messages from T3448 IE.

CVSS Details

Base Score
9.1
Exploitability
3.9
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-125 Out-of-bounds Read Memory Safety
CWE-126

Affected Products 62

VendorProductVersionRange
qualcommqca6688aq_firmware*any
qualcommqca6688aq*any
qualcommqca6698aq_firmware*any
qualcommqca6698aq*any
qualcommqca8081_firmware*any
qualcommqca8081*any
qualcommqca8337_firmware*any
qualcommqca8337*any
qualcommqcc710_firmware*any
qualcommqcc710*any
qualcommqcn6224_firmware*any
qualcommqcn6224*any
qualcommqcn6274_firmware*any
qualcommqcn6274*any
qualcommqfw7114_firmware*any
qualcommqfw7114*any
qualcommqfw7124_firmware*any
qualcommqfw7124*any
qualcommsdx80m_firmware*any
qualcommsdx80m*any
qualcommsm8750_firmware*any
qualcommsm8750*any
qualcommsm8750p_firmware*any
qualcommsm8750p*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2*any
qualcommsnapdragon_w5\+_gen_1_wearable_firmware*any
qualcommsnapdragon_w5\+_gen_1_wearable*any
qualcommsnapdragon_x72_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x72_5g_modem-rf_system*any
qualcommsnapdragon_x75_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x75_5g_modem-rf_system*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommwcd9340_firmware*any
qualcommwcd9340*any
qualcommwcd9395_firmware*any
qualcommwcd9395*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8832_firmware*any
qualcommwsa8832*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any
qualcommwsa8840_firmware*any
qualcommwsa8840*any
qualcommwsa8845_firmware*any
qualcommwsa8845*any
qualcommwsa8845h_firmware*any
qualcommwsa8845h*any
qualcommar8035_firmware*any
qualcommar8035*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqca6574au_firmware*any
qualcommqca6574au*any
qualcommqca6595au_firmware*any
qualcommqca6595au*any
qualcommqca6678aq_firmware*any
qualcommqca6678aq*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.