CVE-2024-33066

Published Oct 7, 2024

Last updated 2 years ago

CVSS critical 9.8
Wlan

Overview

Description
Memory corruption while redirecting log file to any file location with any file name.
Source
product-security@qualcomm.com
NVD status
Analyzed
Products
snapdragon_x65_5g_modem-rf_system_firmware, sdx65m_firmware, sdx55_firmware, qxm8083_firmware, qcn9274_firmware, qcn9160_firmware, qcn9100_firmware, qcn9074_firmware, qcn9072_firmware, qcn9070_firmware, qcn9024_firmware, qcn9022_firmware, qcn9000_firmware, qcn6432_firmware, qcn6422_firmware, qcn6412_firmware, qcn6402_firmware, qcn6132_firmware, qcn6122_firmware, qcn6112_firmware, qcn6024_firmware, qcn6023_firmware, qcn5164_firmware, qcn5154_firmware, qcn5152_firmware, qcn5124_firmware, qcn5122_firmware, qcn5052_firmware, qcn5024_firmware, qcn5022_firmware, qcf8001_firmware, qcf8000_firmware, qca9889_firmware, qca9888_firmware, qca8386_firmware, qca8085_firmware, qca8084_firmware, qca8082_firmware, qca8081_firmware, qca8075_firmware, qca4024_firmware, ipq9574_firmware, ipq9554_firmware, ipq9008_firmware, ipq8174_firmware, ipq8173_firmware, ipq8078a_firmware, ipq8078_firmware, ipq8076a_firmware, ipq8076_firmware, ipq8074a_firmware, ipq8072a_firmware, ipq8071a_firmware, ipq8070a_firmware, ipq6028_firmware, ipq6018_firmware, ipq6010_firmware, ipq6000_firmware, ipq5332_firmware, ipq5312_firmware, ipq5302_firmware, ipq5300_firmware, ipq5028_firmware, ipq5010_firmware, immersive_home_326_platform_firmware, immersive_home_3210_platform_firmware, immersive_home_318_platform_firmware, immersive_home_316_platform_firmware, immersive_home_216_platform_firmware, immersive_home_214_platform_firmware, csr8811_firmware

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo
product-security@qualcomm.com
CWE-20

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.CVE-2026-21381
  2. Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.CVE-2026-21367
  3. Memory corruption when decoding corrupted satellite data files with invalid signature offsets.CVE-2025-47392
  4. Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.CVE-2025-47389
  5. Qualcomm Multiple Chipsets Memory Corruption VulnerabilityCVE-2026-21385

References

Sources include official advisories and independent security research.