Vulnerability identifier: #VU86116
Vulnerability risk: High
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
AR8035
Mobile applications /
Mobile firmware & hardware
FastConnect 6900
Mobile applications /
Mobile firmware & hardware
FastConnect 7800
Mobile applications /
Mobile firmware & hardware
Flight RB5 5G Platform
Mobile applications /
Mobile firmware & hardware
QAM8255P
Mobile applications /
Mobile firmware & hardware
QAM8650P
Mobile applications /
Mobile firmware & hardware
QAM8775P
Mobile applications /
Mobile firmware & hardware
QAMSRV1H
Mobile applications /
Mobile firmware & hardware
QAMSRV1M
Mobile applications /
Mobile firmware & hardware
QCA6391
Mobile applications /
Mobile firmware & hardware
QCA6554A
Mobile applications /
Mobile firmware & hardware
QCA6564AU
Mobile applications /
Mobile firmware & hardware
QCA6574
Mobile applications /
Mobile firmware & hardware
QCA6574A
Mobile applications /
Mobile firmware & hardware
QCA6584AU
Mobile applications /
Mobile firmware & hardware
QCA6595
Mobile applications /
Mobile firmware & hardware
QCA6595AU
Mobile applications /
Mobile firmware & hardware
QCA6688AQ
Mobile applications /
Mobile firmware & hardware
QCA6696
Mobile applications /
Mobile firmware & hardware
QCA8081
Mobile applications /
Mobile firmware & hardware
QCA8337
Mobile applications /
Mobile firmware & hardware
QCC2073
Mobile applications /
Mobile firmware & hardware
QCC2076
Mobile applications /
Mobile firmware & hardware
QCC710
Mobile applications /
Mobile firmware & hardware
QCM8550
Mobile applications /
Mobile firmware & hardware
QCN6224
Mobile applications /
Mobile firmware & hardware
QCN6274
Mobile applications /
Mobile firmware & hardware
QCS7230
Mobile applications /
Mobile firmware & hardware
QCS8250
Mobile applications /
Mobile firmware & hardware
QCS8550
Mobile applications /
Mobile firmware & hardware
QFW7114
Mobile applications /
Mobile firmware & hardware
QFW7124
Mobile applications /
Mobile firmware & hardware
QRB5165N
Mobile applications /
Mobile firmware & hardware
Qualcomm Video Collaboration VC5 Platform
Mobile applications /
Mobile firmware & hardware
Robotics RB5 Platform
Mobile applications /
Mobile firmware & hardware
SA6145P
Mobile applications /
Mobile firmware & hardware
SA6150P
Mobile applications /
Mobile firmware & hardware
SA8145P
Mobile applications /
Mobile firmware & hardware
SA8150P
Mobile applications /
Mobile firmware & hardware
SA8155P
Mobile applications /
Mobile firmware & hardware
SA8195P
Mobile applications /
Mobile firmware & hardware
SA8255P
Mobile applications /
Mobile firmware & hardware
SA8650P
Mobile applications /
Mobile firmware & hardware
SA8770P
Mobile applications /
Mobile firmware & hardware
SA8775P
Mobile applications /
Mobile firmware & hardware
SM8550P
Mobile applications /
Mobile firmware & hardware
Snapdragon 8 Gen 2 Mobile Platform
Mobile applications /
Mobile firmware & hardware
Snapdragon 8+ Gen 2 Mobile Platform
Mobile applications /
Mobile firmware & hardware
Snapdragon AR2 Gen 1 Platform
Mobile applications /
Mobile firmware & hardware
Snapdragon X75 5G Modem-RF System
Mobile applications /
Mobile firmware & hardware
SRV1H
Mobile applications /
Mobile firmware & hardware
SRV1M
Mobile applications /
Mobile firmware & hardware
SSG2115P
Mobile applications /
Mobile firmware & hardware
SSG2125P
Mobile applications /
Mobile firmware & hardware
SXR1230P
Mobile applications /
Mobile firmware & hardware
SXR2230P
Mobile applications /
Mobile firmware & hardware
WCD9340
Mobile applications /
Mobile firmware & hardware
WCD9380
Mobile applications /
Mobile firmware & hardware
WCD9385
Mobile applications /
Mobile firmware & hardware
WCD9390
Mobile applications /
Mobile firmware & hardware
WCD9395
Mobile applications /
Mobile firmware & hardware
WSA8830
Mobile applications /
Mobile firmware & hardware
WSA8835
Mobile applications /
Mobile firmware & hardware
WSA8840
Mobile applications /
Mobile firmware & hardware
WSA8845
Mobile applications /
Mobile firmware & hardware
WSA8845H
Mobile applications /
Mobile firmware & hardware
QCA6574AU
Hardware solutions /
Firmware
SA6155P
Hardware solutions /
Firmware
SA9000P
Hardware solutions /
Firmware
WSA8832
Hardware solutions /
Firmware
Vendor: Qualcomm
Description
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in WLAN HOST. A remote attacker can read and manipulate data.
Mitigation
Install security update from vendor's website.
Vulnerable software versions
AR8035: All versions
FastConnect 6900: All versions
FastConnect 7800: All versions
Flight RB5 5G Platform: All versions
QAM8255P: All versions
QAM8650P: All versions
QAM8775P: All versions
QAMSRV1H: All versions
QAMSRV1M: All versions
QCA6391: All versions
QCA6554A: All versions
QCA6564AU: All versions
QCA6574: All versions
QCA6574A: All versions
QCA6574AU: All versions
QCA6584AU: All versions
QCA6595: All versions
QCA6595AU: All versions
QCA6688AQ: All versions
QCA6696: All versions
QCA8081: All versions
QCA8337: All versions
QCC2073: All versions
QCC2076: All versions
QCC710: All versions
QCM8550: All versions
QCN6224: All versions
QCN6274: All versions
QCS7230: All versions
QCS8250: All versions
QCS8550: All versions
QFW7114: All versions
QFW7124: All versions
QRB5165N: All versions
Qualcomm Video Collaboration VC5 Platform: All versions
Robotics RB5 Platform: All versions
SA6145P: All versions
SA6150P: All versions
SA6155P: All versions
SA8145P: All versions
SA8150P: All versions
SA8155P: All versions
SA8195P: All versions
SA8255P: All versions
SA8650P: All versions
SA8770P: All versions
SA8775P: All versions
SA9000P: All versions
SM8550P: All versions
Snapdragon 8 Gen 2 Mobile Platform: All versions
Snapdragon 8+ Gen 2 Mobile Platform: All versions
Snapdragon AR2 Gen 1 Platform: All versions
Snapdragon X75 5G Modem-RF System: All versions
SRV1H: All versions
SRV1M: All versions
SSG2115P: All versions
SSG2125P: All versions
SXR1230P: All versions
SXR2230P: All versions
WCD9340: All versions
WCD9380: All versions
WCD9385: All versions
WCD9390: All versions
WCD9395: All versions
WSA8830: All versions
WSA8832: All versions
WSA8835: All versions
WSA8840: All versions
WSA8845: All versions
WSA8845H: All versions
External links
http://docs.qualcomm.com/product/publicresources/securitybulletin/february-2024-bulletin.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.