PT-2025-19866 · Qualcomm · Snapdragon+28

Published

2025-05-06

Updated

2025-05-07

CVE-2024-49846

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions The product name cannot be determined.

Description The issue involves memory corruption that occurs during the decoding of Over-The-Air (OTA) messages from T3448 IE. This corruption happens due to a problem in the decoding process of these messages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Over-read

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-126CWE-125

Related Identifiers

CVE-2024-49846

Affected Products

Snapdragon

Ar8035 Firmware

Fastconnect 7800 Firmware

Qca6574Au Firmware

Qca6595Au Firmware

Qca6678Aq Firmware

Qca6688Aq Firmware

Qca6698Aq Firmware

Qca8081 Firmware

Qca8337 Firmware

Qcc710 Firmware

Qcn6224 Firmware

Qcn6274 Firmware

Qfw7114 Firmware

Qfw7124 Firmware

Sdx80M Firmware

Sm8750 Firmware

Snapdragon Auto 5G Modem-Rf Gen 2 Firmware

Snapdragon W5+ Gen 1 Wearable Firmware

Snapdragon X72 5G Modem-Rf System Firmware

Snapdragon X75 5G Modem-Rf System Firmware

Sw5100P Firmware

Wcd9340 Firmware

Wcd9395 Firmware

Wsa8830 Firmware

Wsa8832 Firmware

Wsa8835 Firmware

Wsa8840 Firmware

Wsa8845 Firmware

PT-2025-19866 · Qualcomm · Snapdragon+28

CVE-2024-49846

Weakness Enumeration

Related Identifiers

Affected Products

References · 5