Vulnerability-Lookup

WID-SEC-W-2024-3096

Vulnerability from csaf_certbund - Published: 2024-10-07 22:00 - Updated: 2024-10-07 22:00

Summary

Android Patchday Oktober 2024: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu erzeugen.

Betroffene Betriebssysteme: - Android

CVE-2024-0044

In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20090

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20091

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20092

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20093

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20094

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20100

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20101

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-20103

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-23369

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-33049

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-33069

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-34732

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-34733

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-34748

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-38399

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40649

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40651

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40669

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40670

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40672

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40673

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40674

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40675

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40676

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

CVE-2024-40677

Affected products

Known affected 5 products

Product	Identifier	Version
Google Android 12L Google / Android	`cpe:/o:google:android:12l`	12L
Google Android 14 Google / Android	`cpe:/o:google:android:14`	14
Google Android 15 Google / Android	`cpe:/o:google:android:15`	15
Google Android 12 Google / Android	`cpe:/o:google:android:12`	12
Google Android 13 Google / Android	`cpe:/o:google:android:13`	13

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://source.android.com/docs/security/bulletin…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Android",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3096 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3096.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3096 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3096"
      },
      {
        "category": "external",
        "summary": "Android Patchday October 2024  vom 2024-10-07",
        "url": "https://source.android.com/docs/security/bulletin/2024-10-01"
      }
    ],
    "source_lang": "en-US",
    "title": "Android Patchday Oktober 2024: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-10-07T22:00:00.000+00:00",
      "generator": {
        "date": "2024-10-08T08:11:30.316+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3096",
      "initial_release_date": "2024-10-07T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "14",
                "product": {
                  "name": "Google Android 14",
                  "product_id": "T030961",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "13",
                "product": {
                  "name": "Google Android 13",
                  "product_id": "T033808",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:13"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12",
                "product": {
                  "name": "Google Android 12",
                  "product_id": "T038019",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:12"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12L",
                "product": {
                  "name": "Google Android 12L",
                  "product_id": "T038020",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:12l"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15",
                "product": {
                  "name": "Google Android 15",
                  "product_id": "T038021",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:google:android:15"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Android"
          }
        ],
        "category": "vendor",
        "name": "Google"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0044",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-0044"
    },
    {
      "cve": "CVE-2024-20090",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20090"
    },
    {
      "cve": "CVE-2024-20091",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20091"
    },
    {
      "cve": "CVE-2024-20092",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20092"
    },
    {
      "cve": "CVE-2024-20093",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20093"
    },
    {
      "cve": "CVE-2024-20094",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20094"
    },
    {
      "cve": "CVE-2024-20100",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20100"
    },
    {
      "cve": "CVE-2024-20101",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20101"
    },
    {
      "cve": "CVE-2024-20103",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-20103"
    },
    {
      "cve": "CVE-2024-23369",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-23369"
    },
    {
      "cve": "CVE-2024-33049",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-33049"
    },
    {
      "cve": "CVE-2024-33069",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-33069"
    },
    {
      "cve": "CVE-2024-34732",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-34732"
    },
    {
      "cve": "CVE-2024-34733",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-34733"
    },
    {
      "cve": "CVE-2024-34748",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-34748"
    },
    {
      "cve": "CVE-2024-38399",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-38399"
    },
    {
      "cve": "CVE-2024-40649",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40649"
    },
    {
      "cve": "CVE-2024-40651",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40651"
    },
    {
      "cve": "CVE-2024-40669",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40669"
    },
    {
      "cve": "CVE-2024-40670",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40670"
    },
    {
      "cve": "CVE-2024-40672",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40672"
    },
    {
      "cve": "CVE-2024-40673",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40673"
    },
    {
      "cve": "CVE-2024-40674",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40674"
    },
    {
      "cve": "CVE-2024-40675",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40675"
    },
    {
      "cve": "CVE-2024-40676",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40676"
    },
    {
      "cve": "CVE-2024-40677",
      "notes": [
        {
          "category": "description",
          "text": "In Google Android bestehen mehrere Schwachstellen. Diese Fehler existieren in mehreren Subsystemen und Komponenten wie dem Framework, dem Wifi oder den Komponenten von Mediatek und Qualcomm. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038020",
          "T030961",
          "T038021",
          "T038019",
          "T033808"
        ]
      },
      "release_date": "2024-10-07T22:00:00.000+00:00",
      "title": "CVE-2024-40677"
    }
  ]
}

CVE-2024-0044 (GCVE-0-2024-0044)

Vulnerability from cvelistv5 – Published: 2024-03-11 16:35 – Updated: 2025-01-28 19:13

Summary

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Elevation of privilege

Assigner

google_android

References

3 references

URL	Tags
https://android.googlesource.com/platform/framewo…
https://android.googlesource.com/platform/framewo…
https://source.android.com/security/bulletin/2024-10-01

Impacted products

1 product

Vendor	Product	Version
Google	Android	Affected: 15 Affected: 14 Affected: 13 Affected: 12L Affected: 12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:12l:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "12.0"
              },
              {
                "status": "affected",
                "version": "12l"
              },
              {
                "status": "affected",
                "version": "13.0"
              },
              {
                "status": "affected",
                "version": "14.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-0044",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T03:55:50.753870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-75",
                "description": "CWE-75 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T13:51:29.749Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.569Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/frameworks/base/+/65bd134b0a82c51a143b89821d5cdd00ddc31792"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2024-03-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-m7fh-f3w4-r6v2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "15"
            },
            {
              "status": "affected",
              "version": "14"
            },
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-28T19:13:40.074Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/954b2874b85b6cd0d6bb12cd677cdf22e5dbd77b"
        },
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/836750619a8bce0bf78fe0549f9990e294671563"
        },
        {
          "url": "https://source.android.com/security/bulletin/2024-10-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2024-0044",
    "datePublished": "2024-03-11T16:35:21.760Z",
    "dateReserved": "2023-11-16T22:59:22.652Z",
    "dateUpdated": "2025-01-28T19:13:40.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20090 (GCVE-0-2024-20090)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 14:05

Summary

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703.

Severity

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789	Affected: Android 12.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6761",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6765",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6779",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6785",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6853",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6873",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6885",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8385",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8666",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8667",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8766",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8781",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8788",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8789",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "12.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20090",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T14:04:38.748567Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T14:05:24.427Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:05.952Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20090",
    "datePublished": "2024-10-07T02:35:05.952Z",
    "dateReserved": "2023-11-02T13:35:35.174Z",
    "dateUpdated": "2024-10-07T14:05:24.427Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20091 (GCVE-0-2024-20091)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-27 02:42

Summary

In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701.

Severity

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789	Affected: Android 12.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20091",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T14:03:31.796928Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-27T02:42:48.348Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:07.795Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20091",
    "datePublished": "2024-10-07T02:35:07.795Z",
    "dateReserved": "2023-11-02T13:35:35.174Z",
    "dateUpdated": "2024-10-27T02:42:48.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20092 (GCVE-0-2024-20092)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 13:44

Summary

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789	Affected: Android 12.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6761",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6765",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6779",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6785",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6853",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6873",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6885",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8385",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8666",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8667",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8766",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8781",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8788",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8789",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "12.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20092",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:43:28.780094Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:44:00.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:09.608Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20092",
    "datePublished": "2024-10-07T02:35:09.608Z",
    "dateReserved": "2023-11-02T13:35:35.174Z",
    "dateUpdated": "2024-10-07T13:44:00.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20093 (GCVE-0-2024-20093)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-27 02:39

Summary

Severity

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789	Affected: Android 12.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20093",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:42:44.263959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-27T02:39:40.706Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 12.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:11.241Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20093",
    "datePublished": "2024-10-07T02:35:11.241Z",
    "dateReserved": "2023-11-02T13:35:35.174Z",
    "dateUpdated": "2024-10-27T02:39:40.706Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20094 (GCVE-0-2024-20094)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 13:32

Summary

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-617 - Reachable Assertion

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797	Affected: Modem NR15

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt2735",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6833",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6853",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6855",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6873",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6875",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6875t",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6877",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6880",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6883",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6885",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6889",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6890",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6891",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6893",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8675",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8771",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8791",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8791t",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8797",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20094",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:31:54.838370Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:32:50.793Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Modem NR15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T03:25:50.459Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20094",
    "datePublished": "2024-10-07T02:35:17.919Z",
    "dateReserved": "2023-11-02T13:35:35.174Z",
    "dateUpdated": "2024-10-07T13:32:50.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20100 (GCVE-0-2024-20100)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 13:41

Summary

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8365, MT8512, MT8676, MT8678, MT8695, MT8698, MT8755, MT8775, MT8792, MT8796	Affected: Android 13.0, 14.0, 15.0 / SDK release 3.3 and before / Yocto 4.0 / IOT-v24.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt3605:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt3605",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6985",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6989",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6990",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt7927",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8183",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8365",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8512",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8676",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8678",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8695",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8698:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8698",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8755",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8775",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8792",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8796",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "13.0"
              },
              {
                "status": "affected",
                "version": "14.0"
              },
              {
                "status": "affected",
                "version": "15.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20100",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:40:52.466014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:41:34.047Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8365, MT8512, MT8676, MT8678, MT8695, MT8698, MT8755, MT8775, MT8792, MT8796",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 13.0, 14.0, 15.0 / SDK release 3.3 and before / Yocto 4.0 / IOT-v24.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:12.817Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20100",
    "datePublished": "2024-10-07T02:35:12.817Z",
    "dateReserved": "2023-11-02T13:35:35.175Z",
    "dateUpdated": "2024-10-07T13:41:34.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20101 (GCVE-0-2024-20101)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 13:39

Summary

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8676, MT8678, MT8695, MT8698, MT8755, MT8775, MT8792, MT8796	Affected: Android 13.0, 14.0, 15.0 / SDK release 3.3 and before

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt3605:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt3605",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6985",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6989",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6990",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt7927",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8183",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8512",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8676",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8678",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8695",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8698:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8698",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8755",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8775",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8792",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8796",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "13.0"
              },
              {
                "status": "affected",
                "version": "14.0"
              },
              {
                "status": "affected",
                "version": "15.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20101",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:38:26.414192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:39:17.026Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8676, MT8678, MT8695, MT8698, MT8755, MT8775, MT8792, MT8796",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 13.0, 14.0, 15.0 / SDK release 3.3 and before"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:14.381Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20101",
    "datePublished": "2024-10-07T02:35:14.381Z",
    "dateReserved": "2023-11-02T13:35:35.175Z",
    "dateUpdated": "2024-10-07T13:39:17.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20103 (GCVE-0-2024-20103)

Vulnerability from cvelistv5 – Published: 2024-10-07 02:35 – Updated: 2024-10-07 13:39

Summary

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

MediaTek

References

1 reference

URL	Tags
https://corp.mediatek.com/product-security-bullet…

Impacted products

1 product

Vendor	Product	Version
MediaTek, Inc.	MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8678, MT8695, MT8698, MT8796, MT8893	Affected: Android 13.0, 14.0, 15.0 / SDK release 3.3 and before

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt3605:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt3605",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6985",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6989",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6990",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt7927",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8183",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8512",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8678",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8695",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8698:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8698",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8796",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8893",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "13.0"
              },
              {
                "status": "affected",
                "version": "14.0"
              },
              {
                "status": "affected",
                "version": "15.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-20103",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:37:37.503323Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:39:53.535Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT3605, MT6985, MT6989, MT6990, MT7927, MT8183, MT8512, MT8678, MT8695, MT8698, MT8796, MT8893",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 13.0, 14.0, 15.0 / SDK release 3.3 and before"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T02:35:15.849Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2024-20103",
    "datePublished": "2024-10-07T02:35:15.849Z",
    "dateReserved": "2023-11-02T13:35:35.176Z",
    "dateUpdated": "2024-10-07T13:39:53.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-23369 (GCVE-0-2024-23369)

Vulnerability from cvelistv5 – Published: 2024-10-07 12:58 – Updated: 2024-10-07 13:19

Title

Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Summary

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

qualcomm

References

1 reference

URL	Tags
https://docs.qualcomm.com/product/publicresources…

Impacted products

1 product

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: AR8035 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8255P Affected: QAM8295P Affected: QAM8620P Affected: QAM8650P Affected: QAM8775P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA6174A Affected: QCA6391 Affected: QCA6421 Affected: QCA6426 Affected: QCA6431 Affected: QCA6436 Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCC710 Affected: QCM5430 Affected: QCM6490 Affected: QCN6224 Affected: QCN6274 Affected: QCS5430 Affected: QCS6490 Affected: QDU1000 Affected: QDU1010 Affected: QDU1110 Affected: QDU1210 Affected: QDX1010 Affected: QDX1011 Affected: QEP8111 Affected: QFW7114 Affected: QFW7124 Affected: QRU1032 Affected: QRU1052 Affected: QRU1062 Affected: QSM8350 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8530P Affected: SA8540P Affected: SA8620P Affected: SA8650P Affected: SA8770P Affected: SA8775P Affected: SA9000P Affected: SC8380XP Affected: SD 8 Gen1 5G Affected: SD865 5G Affected: SM4635 Affected: SM7250P Affected: SM8635 Affected: Snapdragon 765 5G Mobile Platform (SM7250-AA) Affected: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Affected: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Affected: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon X35 5G Modem-RF System Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X62 5G Modem-RF System Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SRV1H Affected: SRV1L Affected: SRV1M Affected: SXR2130 Affected: WCD9340 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3950 Affected: WCN3988 Affected: WCN6755 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ar8035_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6200_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6700_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6800_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_6900_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fastconnect_7800_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8255p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8295p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8620p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8620p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8650p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8775p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qamsrv1h_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qamsrv1m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6174a_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6391_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6421_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6426_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6431_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6436_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6574_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6574a_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6574au_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6584au_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6595_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6595au_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6678aq_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6696_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6698aq_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6797aq_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8081_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca8337_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcc710_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcm5430_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcm6490_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn6224_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcn6274_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs5430_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs6490_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdu1000_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdu1000_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdu1010_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdu1010_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdu1110_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdu1110_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdu1210_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdu1210_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdx1010_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdx1010_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qdx1011_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qdx1011_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qep8111_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qep8111_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qfw7114_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qfw7124_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qru1032_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qru1032_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qru1052_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qru1052_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qru1062_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qru1062_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qsm8350_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qualcomm_video_collaboration_vc3_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa6145p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa6150p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa6155p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa7255p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa7775p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8145p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8150p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8155p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8195p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8255p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8295p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8530p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8530p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8540p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8620p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8650p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8770p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8775p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa9000p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sc8380xp_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd_8_gen1_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sd865_5g_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sm4635_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sm4635_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sm7250p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sm8635_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_8_gen_1_mobile_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_8_gen_3_mobile_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_865_5g_mobile_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_888_5g_mobile_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_auto_5g_modem-rf_gen_2_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x35_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x35_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x55_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x62_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x62_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x65_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x72_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_x75_5g_modem-rf_system_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_xr2_5g_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "srv1h_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:srv1l_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "srv1l_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "srv1m_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sxr2130_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9340_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9370_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9375_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9378_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9380_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9385_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9390_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9395_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3950_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3988_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn6755_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8830_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8832_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8835_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8840_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8845_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8845h_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23369",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:18:53.865051Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:19:06.300Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Mobile",
            "Snapdragon Technology"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QAM8620P"
            },
            {
              "status": "affected",
              "version": "QAM8650P"
            },
            {
              "status": "affected",
              "version": "QAM8775P"
            },
            {
              "status": "affected",
              "version": "QAMSRV1H"
            },
            {
              "status": "affected",
              "version": "QAMSRV1M"
            },
            {
              "status": "affected",
              "version": "QCA6174A"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6421"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6431"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCM5430"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QCS5430"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QDU1000"
            },
            {
              "status": "affected",
              "version": "QDU1010"
            },
            {
              "status": "affected",
              "version": "QDU1110"
            },
            {
              "status": "affected",
              "version": "QDU1210"
            },
            {
              "status": "affected",
              "version": "QDX1010"
            },
            {
              "status": "affected",
              "version": "QDX1011"
            },
            {
              "status": "affected",
              "version": "QEP8111"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "QRU1032"
            },
            {
              "status": "affected",
              "version": "QRU1052"
            },
            {
              "status": "affected",
              "version": "QRU1062"
            },
            {
              "status": "affected",
              "version": "QSM8350"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA7255P"
            },
            {
              "status": "affected",
              "version": "SA7775P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SA8530P"
            },
            {
              "status": "affected",
              "version": "SA8540P"
            },
            {
              "status": "affected",
              "version": "SA8620P"
            },
            {
              "status": "affected",
              "version": "SA8650P"
            },
            {
              "status": "affected",
              "version": "SA8770P"
            },
            {
              "status": "affected",
              "version": "SA8775P"
            },
            {
              "status": "affected",
              "version": "SA9000P"
            },
            {
              "status": "affected",
              "version": "SC8380XP"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SM4635"
            },
            {
              "status": "affected",
              "version": "SM7250P"
            },
            {
              "status": "affected",
              "version": "SM8635"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF Gen 2"
            },
            {
              "status": "affected",
              "version": "Snapdragon X35 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X62 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X65 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X72 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SRV1H"
            },
            {
              "status": "affected",
              "version": "SRV1L"
            },
            {
              "status": "affected",
              "version": "SRV1M"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9378"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9390"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN6755"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T12:58:43.387Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
        }
      ],
      "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2024-23369",
    "datePublished": "2024-10-07T12:58:43.387Z",
    "dateReserved": "2024-01-16T03:27:26.434Z",
    "dateUpdated": "2024-10-07T13:19:06.300Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-3096

CVE-2024-0044 (GCVE-0-2024-0044)

CVE-2024-20090 (GCVE-0-2024-20090)

CVE-2024-20091 (GCVE-0-2024-20091)

CVE-2024-20092 (GCVE-0-2024-20092)

CVE-2024-20093 (GCVE-0-2024-20093)

CVE-2024-20094 (GCVE-0-2024-20094)

CVE-2024-20100 (GCVE-0-2024-20100)

CVE-2024-20101 (GCVE-0-2024-20101)

CVE-2024-20103 (GCVE-0-2024-20103)

CVE-2024-23369 (GCVE-0-2024-23369)

Tags

Sightings

Nomenclature