PT-2025-2511 · Qualcomm · Snapdragon+27

Published

2025-02-03

Updated

2025-02-03

CVE-2024-38414

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions.

Description: The issue involves information disclosure during the processing of information on the firmware image during core initialization. This could potentially expose sensitive data.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Over-read

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-126CWE-125

Related Identifiers

BDU:2025-04036

CVE-2024-38414

Affected Products

Snapdragon

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Qam8295P Firmware

Qca6174A Firmware

Qca6574Au Firmware

Qca6696 Firmware

Sa6145P Firmware

Sa6150P Firmware

Sa6155P Firmware

Sa8145P Firmware

Sa8150P Firmware

Sa8155P Firmware

Sa8195P Firmware

Sa8295P Firmware

Sa8530P Firmware

Sa8540P Firmware

Sa9000P Firmware

Snapdragon 888 5G Mobile Firmware

Snapdragon 8 Gen 1 Mobile Firmware

Snapdragon W5+ Gen 1 Wearable Firmware

Sw5100P Firmware

Wcd9380 Firmware

Wcd9385 Firmware

Wcn3980 Firmware

Wcn3988 Firmware

Wsa8830 Firmware

Wsa8835 Firmware

PT-2025-2511 · Qualcomm · Snapdragon+27

CVE-2024-38414

Weakness Enumeration

Related Identifiers

Affected Products

References · 5