CVE-2024-53025

March 6, 2025, 5:53 p.m.

5.5
Medium

Description

Transient DOS can occur while processing UCI command.

Product(s) Impacted

Vendor Product Versions
Qualcomm
  • Fastconnect 7800 Firmware
  • Fastconnect 7800
  • Sm8750 Firmware
  • Sm8750
  • Sm8750p Firmware
  • Sm8750p
  • Snapdragon 8 Gen 3 Firmware
  • Snapdragon 8 Gen 3
  • Wcd9390 Firmware
  • Wcd9390
  • Wcd9395 Firmware
  • Wcd9395
  • Wcn6450 Firmware
  • Wcn6450
  • Wcn6755 Firmware
  • Wcn6755
  • Wcn7860 Firmware
  • Wcn7860
  • Wcn7861 Firmware
  • Wcn7861
  • Wcn7880 Firmware
  • Wcn7880
  • Wcn7881 Firmware
  • Wcn7881
  • Wsa8830 Firmware
  • Wsa8830
  • Wsa8832 Firmware
  • Wsa8832
  • Wsa8835 Firmware
  • Wsa8835
  • Wsa8840 Firmware
  • Wsa8840
  • Wsa8845 Firmware
  • Wsa8845
  • Wsa8845h Firmware
  • Wsa8845h
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-190
Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm fastconnect_7800_firmware - / / / / / / /
h qualcomm fastconnect_7800 / / / / / / / /
o qualcomm sm8750_firmware - / / / / / / /
h qualcomm sm8750 / / / / / / / /
o qualcomm sm8750p_firmware - / / / / / / /
h qualcomm sm8750p / / / / / / / /
o qualcomm snapdragon_8_gen_3_firmware - / / / / / / /
h qualcomm snapdragon_8_gen_3 / / / / / / / /
o qualcomm wcd9390_firmware - / / / / / / /
h qualcomm wcd9390 / / / / / / / /
o qualcomm wcd9395_firmware - / / / / / / /
h qualcomm wcd9395 / / / / / / / /
o qualcomm wcn6450_firmware - / / / / / / /
h qualcomm wcn6450 / / / / / / / /
o qualcomm wcn6755_firmware - / / / / / / /
h qualcomm wcn6755 / / / / / / / /
o qualcomm wcn7860_firmware - / / / / / / /
h qualcomm wcn7860 / / / / / / / /
o qualcomm wcn7861_firmware - / / / / / / /
h qualcomm wcn7861 / / / / / / / /
o qualcomm wcn7880_firmware - / / / / / / /
h qualcomm wcn7880 / / / / / / / /
o qualcomm wcn7881_firmware - / / / / / / /
h qualcomm wcn7881 / / / / / / / /
o qualcomm wsa8830_firmware - / / / / / / /
h qualcomm wsa8830 / / / / / / / /
o qualcomm wsa8832_firmware - / / / / / / /
h qualcomm wsa8832 / / / / / / / /
o qualcomm wsa8835_firmware - / / / / / / /
h qualcomm wsa8835 / / / / / / / /
o qualcomm wsa8840_firmware - / / / / / / /
h qualcomm wsa8840 / / / / / / / /
o qualcomm wsa8845_firmware - / / / / / / /
h qualcomm wsa8845 / / / / / / / /
o qualcomm wsa8845h_firmware - / / / / / / /
h qualcomm wsa8845h / / / / / / / /

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Tags

CWE-190
product-security@qualcomm.com
2025-03-03
CVE-2024-53025

CVSS Score

5.5 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

    View Vector String

Timeline

Published: March 3, 2025, 11:15 a.m.
Last Modified: March 6, 2025, 5:53 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.