#VU99675 Reachable Assertion in Qualcomm products - CVE-2024-23385
Published: November 4, 2024
Vulnerability identifier: #VU99675
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-23385
CWE-ID: CWE-617
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
APQ8017
QCA6174A
QCA6574AU
SDM429W
SDX55
WSA8832
APQ8037
AR8035
FastConnect 6200
FastConnect 6700
FastConnect 6900
FastConnect 7800
FSM10055
FSM10056
MSM8108
MSM8209
MSM8608
QCA6574A
QCA6584AU
QCA6595AU
QCA6696
QCA6698AQ
QCA8081
QCA8337
QCC710
QCM4490
QCM8550
QCN6024
QCN6224
QCN6274
QCN9024
QCS4490
QCS8550
QEP8111
QFW7114
QFW7124
Qualcomm 205 Mobile Platform
SDX57M
SDX61
SDX71M
SG8275P
SM6370
SM8550P
SM8635
Smart Audio 200 Platform
Snapdragon 208 Processor
Snapdragon 210 Processor
Snapdragon 212 Mobile Platform
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 425 Mobile Platform
Snapdragon 429 Mobile Platform
Snapdragon 430 Mobile Platform
Snapdragon 439 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 695 5G Mobile Platform
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8 Gen 3 Mobile Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
Snapdragon Auto 5G Modem-RF Gen 2
Snapdragon Wear 4100+ Platform
Snapdragon X35 5G Modem-RF System
Snapdragon X62 5G Modem-RF System
Snapdragon X65 5G Modem-RF System
Snapdragon X70 Modem-RF System
Snapdragon X72 5G Modem-RF System
Snapdragon X75 5G Modem-RF System
WCD9326
WCD9340
WCD9360
WCD9370
WCD9375
WCD9380
WCD9385
WCD9390
WCD9395
WCN3610
WCN3615
WCN3620
WCN3660B
WCN3680B
WCN3950
WCN3980
WCN3988
WCN6755
WSA8810
WSA8815
WSA8830
WSA8835
WSA8840
WSA8845
WSA8845H
APQ8017
QCA6174A
QCA6574AU
SDM429W
SDX55
WSA8832
APQ8037
AR8035
FastConnect 6200
FastConnect 6700
FastConnect 6900
FastConnect 7800
FSM10055
FSM10056
MSM8108
MSM8209
MSM8608
QCA6574A
QCA6584AU
QCA6595AU
QCA6696
QCA6698AQ
QCA8081
QCA8337
QCC710
QCM4490
QCM8550
QCN6024
QCN6224
QCN6274
QCN9024
QCS4490
QCS8550
QEP8111
QFW7114
QFW7124
Qualcomm 205 Mobile Platform
SDX57M
SDX61
SDX71M
SG8275P
SM6370
SM8550P
SM8635
Smart Audio 200 Platform
Snapdragon 208 Processor
Snapdragon 210 Processor
Snapdragon 212 Mobile Platform
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 425 Mobile Platform
Snapdragon 429 Mobile Platform
Snapdragon 430 Mobile Platform
Snapdragon 439 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 695 5G Mobile Platform
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8 Gen 3 Mobile Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
Snapdragon Auto 5G Modem-RF Gen 2
Snapdragon Wear 4100+ Platform
Snapdragon X35 5G Modem-RF System
Snapdragon X62 5G Modem-RF System
Snapdragon X65 5G Modem-RF System
Snapdragon X70 Modem-RF System
Snapdragon X72 5G Modem-RF System
Snapdragon X75 5G Modem-RF System
WCD9326
WCD9340
WCD9360
WCD9370
WCD9375
WCD9380
WCD9385
WCD9390
WCD9395
WCN3610
WCN3615
WCN3620
WCN3660B
WCN3680B
WCN3950
WCN3980
WCN3988
WCN6755
WSA8810
WSA8815
WSA8830
WSA8835
WSA8840
WSA8845
WSA8845H
Software vendor:
Qualcomm
Qualcomm
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
Remediation
Install security update from vendor's website.