CVE-2024-43063

information disclosure while invoking the mailbox read API.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*

History

10 Jan 2025, 15:37

Type	Values Removed	Values Added
CPE		cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8540p:-:::::::* cpe:2.3:o:qualcomm:sa8255p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8255p:-:::::::* cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8295p:-:::::::* cpe:2.3:h:qualcomm:sa8295p:-:::::::* cpe:2.3:h:qualcomm:sa8650p:-:::::::* cpe:2.3:h:qualcomm:qca6595:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8255p:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:o:qualcomm:qam8650p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8650p:-:::::::* cpe:2.3:o:qualcomm:sa8650p_firmware:-:::::::* cpe:2.3:o:qualcomm:srv1h_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8775p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8770p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8255p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8775p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8775p:-:::::::* cpe:2.3:h:qualcomm:qamsrv1h:-:::::::* cpe:2.3:h:qualcomm:sa8770p:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:h:qualcomm:srv1h:-:::::::* cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8775p:-:::::::* cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:::::::*
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html - Vendor Advisory
Summary		(es) Divulgación de información al invocar la API de lectura del buzón.
CWE		CWE-125
First Time		Qualcomm sa8255p Firmware Qualcomm sa8540p Firmware Qualcomm qam8255p Firmware Qualcomm qca6698aq Firmware Qualcomm qam8295p Qualcomm qca6595 Qualcomm qca6595au Firmware Qualcomm qam8650p Qualcomm sa8775p Firmware Qualcomm sa8295p Qualcomm sa9000p Firmware Qualcomm qca6696 Firmware Qualcomm sa8770p Firmware Qualcomm sa8255p Qualcomm qam8295p Firmware Qualcomm qca6698aq Qualcomm qca6696 Qualcomm qam8775p Qualcomm qca6595au Qualcomm qam8255p Qualcomm qca6595 Firmware Qualcomm sa9000p Qualcomm sa8775p Qualcomm qamsrv1h Firmware Qualcomm sa8650p Qualcomm qam8650p Firmware Qualcomm qam8775p Firmware Qualcomm qamsrv1h Qualcomm sa8295p Firmware Qualcomm sa8650p Firmware Qualcomm srv1h Qualcomm srv1h Firmware Qualcomm sa8770p Qualcomm sa8540p Qualcomm

06 Jan 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-06 11:15

Updated : 2025-01-10 15:37

NVD link : CVE-2024-43063

Mitre link : CVE-2024-43063

CVE.ORG link : CVE-2024-43063

JSON object : View

Products Affected

qualcomm

qam8295p
qam8295p_firmware
qca6595_firmware
sa8770p_firmware
sa8255p
qca6696
sa9000p_firmware
sa8540p
qca6595au
qca6696_firmware
sa9000p
qca6595au_firmware
qca6698aq
sa8775p
qam8775p
qam8650p
qca6698aq_firmware
sa8650p
sa8775p_firmware
qam8255p
sa8770p
sa8295p
qamsrv1h
qamsrv1h_firmware
srv1h_firmware
sa8650p_firmware
qam8650p_firmware
sa8540p_firmware
qam8255p_firmware
srv1h
sa8255p_firmware
qca6595
qam8775p_firmware
sa8295p_firmware

CWE

CWE-126

Buffer Over-read

CWE-125

Out-of-bounds Read

6.1 /10