CVE-2024-49846

nvd nist

Published: May 6, 2025Modified: May 9, 2025

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Memory corruption while decoding of OTA messages from T3448 IE.

Affected (31)

Products: Qualcomm: Qca6688aq Firmware, Qca6698aq Firmware, Qca8081 Firmware, Qca8337 Firmware, Qcc710 Firmware, Qcn6224 Firmware, Qcn6274 Firmware, Qfw7114 Firmware, Qfw7124 Firmware, Sdx80m Firmware, Sm8750 Firmware, Sm8750p Firmware, Snapdragon Auto 5g Modem Rf Gen 2 Firmware, Snapdragon W5+ Gen 1 Wearable Firmware, Snapdragon X72 5g Modem Rf System Firmware, Snapdragon X75 5g Modem Rf System Firmware, Sw5100 Firmware, Sw5100p Firmware, Wcd9340 Firmware, Wcd9395 Firmware, Wsa8830 Firmware, Wsa8832 Firmware, Wsa8835 Firmware, Wsa8840 Firmware, Wsa8845 Firmware, Wsa8845h Firmware, Ar8035 Firmware, Fastconnect 7800 Firmware, Qca6574au Firmware, Qca6595au Firmware, Qca6678aq Firmware

31 products

Snapdragon Auto 5g Modem Rf Gen 2 Firmware

Snapdragon W5+ Gen 1 Wearable Firmware

Snapdragon X72 5g Modem Rf System Firmware

Snapdragon X75 5g Modem Rf System Firmware

Fastconnect 7800 Firmware

Qca6574au Firmware

Qca6595au Firmware

Qca6678aq Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6688aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6688aq	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6698aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6698aq	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8081 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8081	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcc710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcc710	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6224 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6224	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6274 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6274	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7114 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7114	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7124 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7124	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx80m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx80m	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8750 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8750	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8750p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8750p	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X72 5g Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X72 5g Modem Rf System	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X75 5g Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X75 5g Modem Rf System	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100p	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9395 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9395	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8832 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8832	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8840 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8840	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845h	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 7800 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 7800	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6595au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6595au	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6678aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6678aq	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-126

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (1)

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html

Source: product-security@qualcomm.com

Vendor Advisory

Timeline

No history available yet.