CVE-2024-23350

MEDIUM

Qualcomm Wsa8845h Firmware - Reachable Assertion

Title source: rule

Description

Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.

References (1)

[Vendor Advisory] https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 27.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-617

Status published

Products (25)

qualcomm/ar8035_firmware

qualcomm/fastconnect_6900_firmware

qualcomm/fastconnect_7800_firmware

qualcomm/qca6174a_firmware

qualcomm/qca6584au_firmware

qualcomm/qca6698aq_firmware

qualcomm/qca8081_firmware

qualcomm/qca8337_firmware

qualcomm/qcc710_firmware

qualcomm/qcn6224_firmware

... and 15 more

Published Aug 05, 2024

Tracked Since Feb 18, 2026