CVE-2024-33066

Oct. 16, 2024, 7:49 p.m.

Tags

CWE-20
product-security@qualcomm.com
NVD-CWE-noinfo
2024-10-07
CVE-2024-33066

CVSS Score

9.8 / 10

Products Impacted

Vendor Product Versions
qualcomm
  • snapdragon_x65_5g_modem-rf_system_firmware
  • snapdragon_x65_5g_modem-rf_system
  • sdx65m_firmware
  • sdx65m
  • sdx55_firmware
  • sdx55
  • qxm8083_firmware
  • qxm8083
  • qcn9274_firmware
  • qcn9274
  • qcn9160_firmware
  • qcn9160
  • qcn9100_firmware
  • qcn9100
  • qcn9074_firmware
  • qcn9074
  • qcn9072_firmware
  • qcn9072
  • qcn9070_firmware
  • qcn9070
  • qcn9024_firmware
  • qcn9024
  • qcn9022_firmware
  • qcn9022
  • qcn9000_firmware
  • qcn9000
  • qcn6432_firmware
  • qcn6432
  • qcn6422_firmware
  • qcn6422
  • qcn6412_firmware
  • qcn6412
  • qcn6402_firmware
  • qcn6402
  • qcn6132_firmware
  • qcn6132
  • qcn6122_firmware
  • qcn6122
  • qcn6112_firmware
  • qcn6112
  • qcn6024_firmware
  • qcn6024
  • qcn6023_firmware
  • qcn6023
  • qcn5164_firmware
  • qcn5164
  • qcn5154_firmware
  • qcn5154
  • qcn5152_firmware
  • qcn5152
  • qcn5124_firmware
  • qcn5124
  • qcn5122_firmware
  • qcn5122
  • qcn5052_firmware
  • qcn5052
  • qcn5024_firmware
  • qcn5024
  • qcn5022_firmware
  • qcn5022
  • qcf8001_firmware
  • qcf8001
  • qcf8000_firmware
  • qcf8000
  • qca9889_firmware
  • qca9889
  • qca9888_firmware
  • qca9888
  • qca8386_firmware
  • qca8386
  • qca8085_firmware
  • qca8085
  • qca8084_firmware
  • qca8084
  • qca8082_firmware
  • qca8082
  • qca8081_firmware
  • qca8081
  • qca8075_firmware
  • qca8075
  • qca4024_firmware
  • qca4024
  • ipq9574_firmware
  • ipq9574
  • ipq9554_firmware
  • ipq9554
  • ipq9008_firmware
  • ipq9008
  • ipq8174_firmware
  • ipq8174
  • ipq8173_firmware
  • ipq8173
  • ipq8078a_firmware
  • ipq8078a
  • ipq8078_firmware
  • ipq8078
  • ipq8076a_firmware
  • ipq8076a
  • ipq8076_firmware
  • ipq8076
  • ipq8074a_firmware
  • ipq8074a
  • ipq8072a_firmware
  • ipq8072a
  • ipq8071a_firmware
  • ipq8071a
  • ipq8070a_firmware
  • ipq8070a
  • ipq6028_firmware
  • ipq6028
  • ipq6018_firmware
  • ipq6018
  • ipq6010_firmware
  • ipq6010
  • ipq6000_firmware
  • ipq6000
  • ipq5332_firmware
  • ipq5332
  • ipq5312_firmware
  • ipq5312
  • ipq5302_firmware
  • ipq5302
  • ipq5300_firmware
  • ipq5300
  • ipq5028_firmware
  • ipq5028
  • ipq5010_firmware
  • ipq5010
  • immersive_home_326_platform_firmware
  • immersive_home_326_platform
  • immersive_home_3210_platform_firmware
  • immersive_home_3210_platform
  • immersive_home_318_platform_firmware
  • immersive_home_318_platform
  • immersive_home_316_platform_firmware
  • immersive_home_316_platform
  • immersive_home_216_platform_firmware
  • immersive_home_216_platform
  • immersive_home_214_platform_firmware
  • immersive_home_214_platform
  • csr8811_firmware
  • csr8811
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -

Description

Memory corruption while redirecting log file to any file location with any file name.

Weaknesses

CWE-20
Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE ID: 20

Date

Published: Oct. 7, 2024, 1:15 p.m.

Last Modified: Oct. 16, 2024, 7:49 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

CPEs

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm snapdragon_x65_5g_modem-rf_system_firmware - / / / / / / /
h qualcomm snapdragon_x65_5g_modem-rf_system - / / / / / / /
o qualcomm sdx65m_firmware - / / / / / / /
h qualcomm sdx65m - / / / / / / /
o qualcomm sdx55_firmware - / / / / / / /
h qualcomm sdx55 - / / / / / / /
o qualcomm qxm8083_firmware - / / / / / / /
h qualcomm qxm8083 - / / / / / / /
o qualcomm qcn9274_firmware - / / / / / / /
h qualcomm qcn9274 - / / / / / / /
o qualcomm qcn9160_firmware - / / / / / / /
h qualcomm qcn9160 - / / / / / / /
o qualcomm qcn9100_firmware - / / / / / / /
h qualcomm qcn9100 - / / / / / / /
o qualcomm qcn9074_firmware - / / / / / / /
h qualcomm qcn9074 - / / / / / / /
o qualcomm qcn9072_firmware - / / / / / / /
h qualcomm qcn9072 - / / / / / / /
o qualcomm qcn9070_firmware - / / / / / / /
h qualcomm qcn9070 - / / / / / / /
o qualcomm qcn9024_firmware - / / / / / / /
h qualcomm qcn9024 - / / / / / / /
o qualcomm qcn9022_firmware - / / / / / / /
h qualcomm qcn9022 - / / / / / / /
o qualcomm qcn9000_firmware - / / / / / / /
h qualcomm qcn9000 - / / / / / / /
o qualcomm qcn6432_firmware - / / / / / / /
h qualcomm qcn6432 - / / / / / / /
o qualcomm qcn6422_firmware - / / / / / / /
h qualcomm qcn6422 - / / / / / / /
o qualcomm qcn6412_firmware - / / / / / / /
h qualcomm qcn6412 - / / / / / / /
o qualcomm qcn6402_firmware - / / / / / / /
h qualcomm qcn6402 - / / / / / / /
o qualcomm qcn6132_firmware - / / / / / / /
h qualcomm qcn6132 - / / / / / / /
o qualcomm qcn6122_firmware - / / / / / / /
h qualcomm qcn6122 - / / / / / / /
o qualcomm qcn6112_firmware - / / / / / / /
h qualcomm qcn6112 - / / / / / / /
o qualcomm qcn6024_firmware - / / / / / / /
h qualcomm qcn6024 - / / / / / / /
o qualcomm qcn6023_firmware - / / / / / / /
h qualcomm qcn6023 - / / / / / / /
o qualcomm qcn5164_firmware - / / / / / / /
h qualcomm qcn5164 - / / / / / / /
o qualcomm qcn5154_firmware - / / / / / / /
h qualcomm qcn5154 - / / / / / / /
o qualcomm qcn5152_firmware - / / / / / / /
h qualcomm qcn5152 - / / / / / / /
o qualcomm qcn5124_firmware - / / / / / / /
h qualcomm qcn5124 - / / / / / / /
o qualcomm qcn5122_firmware - / / / / / / /
h qualcomm qcn5122 - / / / / / / /
o qualcomm qcn5052_firmware - / / / / / / /
h qualcomm qcn5052 - / / / / / / /
o qualcomm qcn5024_firmware - / / / / / / /
h qualcomm qcn5024 - / / / / / / /
o qualcomm qcn5022_firmware - / / / / / / /
h qualcomm qcn5022 - / / / / / / /
o qualcomm qcf8001_firmware - / / / / / / /
h qualcomm qcf8001 - / / / / / / /
o qualcomm qcf8000_firmware - / / / / / / /
h qualcomm qcf8000 - / / / / / / /
o qualcomm qca9889_firmware - / / / / / / /
h qualcomm qca9889 - / / / / / / /
o qualcomm qca9888_firmware - / / / / / / /
h qualcomm qca9888 - / / / / / / /
o qualcomm qca8386_firmware - / / / / / / /
h qualcomm qca8386 - / / / / / / /
o qualcomm qca8085_firmware - / / / / / / /
h qualcomm qca8085 - / / / / / / /
o qualcomm qca8084_firmware - / / / / / / /
h qualcomm qca8084 - / / / / / / /
o qualcomm qca8082_firmware - / / / / / / /
h qualcomm qca8082 - / / / / / / /
o qualcomm qca8081_firmware - / / / / / / /
h qualcomm qca8081 - / / / / / / /
o qualcomm qca8075_firmware - / / / / / / /
h qualcomm qca8075 - / / / / / / /
o qualcomm qca4024_firmware - / / / / / / /
h qualcomm qca4024 - / / / / / / /
o qualcomm ipq9574_firmware - / / / / / / /
h qualcomm ipq9574 - / / / / / / /
o qualcomm ipq9554_firmware - / / / / / / /
h qualcomm ipq9554 - / / / / / / /
o qualcomm ipq9008_firmware - / / / / / / /
h qualcomm ipq9008 - / / / / / / /
o qualcomm ipq8174_firmware - / / / / / / /
h qualcomm ipq8174 - / / / / / / /
o qualcomm ipq8173_firmware - / / / / / / /
h qualcomm ipq8173 - / / / / / / /
o qualcomm ipq8078a_firmware - / / / / / / /
h qualcomm ipq8078a - / / / / / / /
o qualcomm ipq8078_firmware - / / / / / / /
h qualcomm ipq8078 - / / / / / / /
o qualcomm ipq8076a_firmware - / / / / / / /
h qualcomm ipq8076a - / / / / / / /
o qualcomm ipq8076_firmware - / / / / / / /
h qualcomm ipq8076 - / / / / / / /
o qualcomm ipq8074a_firmware - / / / / / / /
h qualcomm ipq8074a - / / / / / / /
o qualcomm ipq8072a_firmware - / / / / / / /
h qualcomm ipq8072a - / / / / / / /
o qualcomm ipq8071a_firmware - / / / / / / /
h qualcomm ipq8071a - / / / / / / /
o qualcomm ipq8070a_firmware - / / / / / / /
h qualcomm ipq8070a - / / / / / / /
o qualcomm ipq6028_firmware - / / / / / / /
h qualcomm ipq6028 - / / / / / / /
o qualcomm ipq6018_firmware - / / / / / / /
h qualcomm ipq6018 - / / / / / / /
o qualcomm ipq6010_firmware - / / / / / / /
h qualcomm ipq6010 - / / / / / / /
o qualcomm ipq6000_firmware - / / / / / / /
h qualcomm ipq6000 - / / / / / / /
o qualcomm ipq5332_firmware - / / / / / / /
h qualcomm ipq5332 - / / / / / / /
o qualcomm ipq5312_firmware - / / / / / / /
h qualcomm ipq5312 - / / / / / / /
o qualcomm ipq5302_firmware - / / / / / / /
h qualcomm ipq5302 - / / / / / / /
o qualcomm ipq5300_firmware - / / / / / / /
h qualcomm ipq5300 - / / / / / / /
o qualcomm ipq5028_firmware - / / / / / / /
h qualcomm ipq5028 - / / / / / / /
o qualcomm ipq5010_firmware - / / / / / / /
h qualcomm ipq5010 - / / / / / / /
o qualcomm immersive_home_326_platform_firmware - / / / / / / /
h qualcomm immersive_home_326_platform - / / / / / / /
o qualcomm immersive_home_3210_platform_firmware - / / / / / / /
h qualcomm immersive_home_3210_platform - / / / / / / /
o qualcomm immersive_home_318_platform_firmware - / / / / / / /
h qualcomm immersive_home_318_platform - / / / / / / /
o qualcomm immersive_home_316_platform_firmware - / / / / / / /
h qualcomm immersive_home_316_platform - / / / / / / /
o qualcomm immersive_home_216_platform_firmware - / / / / / / /
h qualcomm immersive_home_216_platform - / / / / / / /
o qualcomm immersive_home_214_platform_firmware - / / / / / / /
h qualcomm immersive_home_214_platform - / / / / / / /
o qualcomm csr8811_firmware - / / / / / / /
h qualcomm csr8811 - / / / / / / /

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score
9.8
Exploitability Score
3.9
Impact Score
5.9
Base Severity
CRITICAL
CVSS Vector String

The CVSS vector string provides an in-depth view of the vulnerability metrics.

View Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
product-security@qualcomm.com