← Retour aux CVEs
CVE-2024-38414
MEDIUM6.1
Description
Information disclosure while processing information on firmware image during core initialization.
Details CVE
Score CVSS v3.16.1
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie2/3/2025
Derniere modification2/5/2025
Sourcenvd
Observations honeypot0
Produits affectes
qualcomm:fastconnect_6900qualcomm:fastconnect_6900_firmwarequalcomm:fastconnect_7800qualcomm:fastconnect_7800_firmwarequalcomm:qam8295pqualcomm:qam8295p_firmwarequalcomm:qca6174aqualcomm:qca6174a_firmwarequalcomm:qca6574auqualcomm:qca6574au_firmwarequalcomm:qca6696qualcomm:qca6696_firmwarequalcomm:sa6145pqualcomm:sa6145p_firmwarequalcomm:sa6150pqualcomm:sa6150p_firmwarequalcomm:sa6155pqualcomm:sa6155p_firmwarequalcomm:sa8145pqualcomm:sa8145p_firmwarequalcomm:sa8150pqualcomm:sa8150p_firmwarequalcomm:sa8155pqualcomm:sa8155p_firmwarequalcomm:sa8195pqualcomm:sa8195p_firmwarequalcomm:sa8295pqualcomm:sa8295p_firmwarequalcomm:sa8530pqualcomm:sa8530p_firmwarequalcomm:sa8540pqualcomm:sa8540p_firmwarequalcomm:sa9000pqualcomm:sa9000p_firmwarequalcomm:snapdragon_888\+_5g_mobilequalcomm:snapdragon_888\+_5g_mobile_firmwarequalcomm:snapdragon_888_5g_mobilequalcomm:snapdragon_888_5g_mobile_firmwarequalcomm:snapdragon_8_gen_1_mobilequalcomm:snapdragon_8_gen_1_mobile_firmwarequalcomm:snapdragon_w5\+_gen_1_wearablequalcomm:snapdragon_w5\+_gen_1_wearable_firmwarequalcomm:sw5100qualcomm:sw5100_firmwarequalcomm:sw5100pqualcomm:sw5100p_firmwarequalcomm:wcd9380qualcomm:wcd9380_firmwarequalcomm:wcd9385qualcomm:wcd9385_firmwarequalcomm:wcn3980qualcomm:wcn3980_firmwarequalcomm:wcn3988qualcomm:wcn3988_firmwarequalcomm:wsa8830qualcomm:wsa8830_firmwarequalcomm:wsa8835qualcomm:wsa8835_firmware
Faiblesses (CWE)
CWE-126CWE-125
References
https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html(product-security@qualcomm.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.