CVE-2024-33031

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-33031
Memory corruption while processing the update SIM PB records request.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_429_mobile_platform:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
History

07 Nov 2024, 20:02

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html - Patch, Vendor Advisory
CPE cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_429_mobile_platform:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*
First Time Qualcomm snapdragon X75 5g Modem-rf System Firmware
Qualcomm snapdragon X75 5g Modem-rf System
Qualcomm qcc710 Firmware
Qualcomm wcn3660b Firmware
Qualcomm qca8081 Firmware
Qualcomm snapdragon X72 5g Modem-rf System
Qualcomm qca8337 Firmware
Qualcomm fastconnect 7800 Firmware
Qualcomm qcn6224
Qualcomm qcc710
Qualcomm sdm429w
Qualcomm ar8035
Qualcomm wcn3620
Qualcomm wcn3620 Firmware
Qualcomm qfw7114 Firmware
Qualcomm wcd9340
Qualcomm snapdragon 429 Mobile Platform
Qualcomm fastconnect 7800
Qualcomm qfw7124 Firmware
Qualcomm
Qualcomm sdm429w Firmware
Qualcomm qfw7114
Qualcomm snapdragon 429 Mobile Platform Firmware
Qualcomm qca8081
Qualcomm qcn6274
Qualcomm qfw7124
Qualcomm qcn6224 Firmware
Qualcomm qcn6274 Firmware
Qualcomm ar8035 Firmware
Qualcomm wcn3660b
Qualcomm qca8337
Qualcomm snapdragon X72 5g Modem-rf System Firmware
Qualcomm wcd9340 Firmware
Summary
  • (es) Corrupción de memoria durante el procesamiento de la solicitud de actualización de registros PB de SIM.

04 Nov 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-04 10:15

Updated : 2024-11-07 20:02

NVD link : CVE-2024-33031

Mitre link : CVE-2024-33031

CVE.ORG link : CVE-2024-33031

JSON object : View

Products Affected

qualcomm

  • ar8035
  • qfw7114_firmware
  • fastconnect_7800
  • qca8081_firmware
  • qcn6274
  • wcn3620
  • qca8337
  • snapdragon_429_mobile_platform
  • snapdragon_x72_5g_modem-rf_system
  • qcn6224_firmware
  • sdm429w_firmware
  • ar8035_firmware
  • qcc710
  • sdm429w
  • qcn6224
  • qca8337_firmware
  • wcd9340
  • snapdragon_x72_5g_modem-rf_system_firmware
  • snapdragon_429_mobile_platform_firmware
  • wcd9340_firmware
  • qca8081
  • snapdragon_x75_5g_modem-rf_system_firmware
  • fastconnect_7800_firmware
  • qfw7124_firmware
  • snapdragon_x75_5g_modem-rf_system
  • wcn3660b_firmware
  • qfw7114
  • qfw7124
  • wcn3660b
  • qcn6274_firmware
  • qcc710_firmware
  • wcn3620_firmware
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation