CVE-2024-43047
HIGH KEVQualcomm FastConnect and QCA6174A/QAM8295P Firmware - Memory Corruption
Title source: llmExploitation Summary
CVE-2024-43047 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 8, 2024.
Description
Memory corruption while maintaining memory maps of HLOS memory.
References (2)
Core 2
Core References
Patch, Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43047
Scores
CVSS v3
7.8
EPSS
0.0203
EPSS Percentile
84.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2024-10-08
VulnCheck KEV
2024-07-29
InTheWild.io
2024-07-29
ENISA EUVD
EUVD-2024-40024
CWE
CWE-416
Status
published
Products (50)
qualcomm/fastconnect_6700_firmware
qualcomm/fastconnect_6800_firmware
qualcomm/fastconnect_6900_firmware
qualcomm/fastconnect_7800_firmware
qualcomm/qam8295p_firmware
qualcomm/qca6174a_firmware
qualcomm/qca6391_firmware
qualcomm/qca6426_firmware
qualcomm/qca6436_firmware
qualcomm/qca6574au_firmware
... and 40 more
Published
Oct 07, 2024
KEV Added
Oct 08, 2024
Tracked Since
Feb 18, 2026