CVE-2024-21453 (GCVE-0-2024-21453)
Vulnerability from cvelistv5
Published
2024-04-01 15:06
Modified
2024-08-01 22:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Transient DOS while decoding message of size that exceeds the available system memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Version: C-V2X 9150 Version: QCS410 Version: QCS610 Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Auto 4G Modem Version: WCD9341 Version: WCD9370 Version: WCN3950 Version: WCN3980 Version: WSA8810 Version: WSA8815 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3980",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8810",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:a:qualcomm:c-v2x_9150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "c-v2x_9150",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs410",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qcs610",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "video_collaboration_vc1",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "video_collaboration_vc3",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_auto_5g_modem-rf",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:a:qualcomm:snapdragon_auto_4g_modem:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snapdragon_auto_4g_modem",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9341",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcd9370",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wcn3950",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wsa8815",
"vendor": "qualcomm",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T18:14:42.283096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:05:32.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Consumer IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "C-V2X 9150"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC1 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "Snapdragon Auto 5G Modem-RF"
},
{
"status": "affected",
"version": "Snapdragon Auto 4G Modem"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS while decoding message of size that exceeds the available system memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T08:39:02.719Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"
}
],
"title": "Improper Input Validation in Automotive Telematics"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2024-21453",
"datePublished": "2024-04-01T15:06:01.731Z",
"dateReserved": "2023-12-12T06:07:46.902Z",
"dateUpdated": "2024-08-01T22:20:40.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-21453\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2024-04-01T15:15:48.417\",\"lastModified\":\"2025-08-11T15:06:17.607\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Transient DOS while decoding message of size that exceeds the available system memory.\"},{\"lang\":\"es\",\"value\":\"DOS transitorio mientras se decodifica un mensaje de tama\u00f1o que excede la memoria disponible del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A725088-FC3B-4439-9189-72AA10954721\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80D6366-4C0C-4C0D-9A38-769C66D62F0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC43BB27-0516-4750-A4C2-C45298441398\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969585DE-93D6-4406-A632-D838ECD4D5AD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E634F59C-6817-4898-A141-082044E66836\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29762819-EC90-499C-A8C6-1423DE3FE6B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3607443-848D-4334-B5E4-0DC27F28509B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:video_collaboration_vc1_platform:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8F00DD-C894-4236-8932-7F7FCD15D2A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD4946C6-778F-4542-AB77-C9B86AF25C05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1D604A-4530-42B3-80A0-58A82D658DDD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88AF39A5-F44E-4B14-AA6E-4F80D9EEB017\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A25FE8F-555A-4D85-8A94-A808B62EAE86\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C8F12FE-0057-4A13-9A7F-D12C114ECEF9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1271B0C7-2D91-4129-9B58-E6689DD68C39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE852339-1CAE-4983-9757-8F00EDEF1141\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D9E96B3-F1BB-46F8-B715-7DF90180F1E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1295D869-F4DD-4766-B4AA-3513752F43B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98784DC-3143-4D38-AD28-DBBDCCAB4272\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FEF2DB6-00F5-4B07-953B-EF58B31267F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"120E8F0F-EBEB-4565-9927-2D473F783EF7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C6E9038-9B18-4958-BE1E-215901C9B4B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36D3274-F8D0-49C5-A6D5-95F5DC6D1950\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15307882-7039-43E9-9BA3-035045988B99\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA85B322-E593-4499-829A-CC6D70BAE884\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E870D82-DE3B-4199-A730-C8FB545BAA98\"}]}]}],\"references\":[{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:20:40.696Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21453\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-01T18:14:42.283096Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcn3980\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wsa8810\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:qualcomm:c-v2x_9150:*:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"c-v2x_9150\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qcs410\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qcs610\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"video_collaboration_vc1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"video_collaboration_vc3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"snapdragon_auto_5g_modem-rf\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:qualcomm:snapdragon_auto_4g_modem:*:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"snapdragon_auto_4g_modem\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcd9341\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcd9370\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcn3950\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wsa8815\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-01T13:51:06.193Z\"}}], \"cna\": {\"title\": \"Improper Input Validation in Automotive Telematics\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qualcomm, Inc.\", \"product\": \"Snapdragon\", \"versions\": [{\"status\": \"affected\", \"version\": \"C-V2X 9150\"}, {\"status\": \"affected\", \"version\": \"QCS410\"}, {\"status\": \"affected\", \"version\": \"QCS610\"}, {\"status\": \"affected\", \"version\": \"Qualcomm Video Collaboration VC1 Platform\"}, {\"status\": \"affected\", \"version\": \"Qualcomm Video Collaboration VC3 Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon Auto 5G Modem-RF\"}, {\"status\": \"affected\", \"version\": \"Snapdragon Auto 4G Modem\"}, {\"status\": \"affected\", \"version\": \"WCD9341\"}, {\"status\": \"affected\", \"version\": \"WCD9370\"}, {\"status\": \"affected\", \"version\": \"WCN3950\"}, {\"status\": \"affected\", \"version\": \"WCN3980\"}, {\"status\": \"affected\", \"version\": \"WSA8810\"}, {\"status\": \"affected\", \"version\": \"WSA8815\"}], \"platforms\": [\"Snapdragon Auto\", \"Snapdragon Consumer IOT\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Transient DOS while decoding message of size that exceeds the available system memory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2024-04-12T08:39:02.719Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-21453\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T22:20:40.696Z\", \"dateReserved\": \"2023-12-12T06:07:46.902Z\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"datePublished\": \"2024-04-01T15:06:01.731Z\", \"assignerShortName\": \"qualcomm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…