📦 Snapdragon X70 Modem Rf System Firmware
by Qualcomm
🔍 What is Snapdragon X70 Modem Rf System Firmware?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows memory corruption during PLMN selection from the SOR failed list in Qualcomm chipsets, potentially enabling remote code execution. It affects devices using vulnerable Qualcom...
CVE-2023-28578 is a memory corruption vulnerability in Qualcomm Core Services that occurs when removing a single event listener. This allows attackers to potentially execute arbitrary code or cause de...
This CVE describes a memory corruption vulnerability in Qualcomm Core components that could allow attackers to execute arbitrary code or cause denial of service. It affects devices using vulnerable Qu...
This vulnerability allows memory corruption in Qualcomm's Data Modem when processing a non-standard SDP body during a VoLTE call. Attackers could potentially execute arbitrary code or cause denial of ...
This vulnerability allows memory corruption in Qualcomm's Diag handler when processing commands to configure event listeners. Attackers could potentially execute arbitrary code or cause denial of serv...
This vulnerability in Qualcomm Data Modem chips allows attackers to bypass TLS authentication during handshake, potentially enabling man-in-the-middle attacks. It affects devices using vulnerable Qual...
This vulnerability allows memory corruption in Qualcomm modem chipsets while processing security configuration before AS Security Exchange. Attackers could potentially execute arbitrary code on affect...
CVE-2022-33288 is a critical buffer overflow vulnerability in Qualcomm's Core component that allows memory corruption when sending SCM commands to retrieve write protection information. Attackers can ...
CVE-2022-33231 is a double-free memory corruption vulnerability in Qualcomm chipsets that occurs during encryption key initialization. Successful exploitation could allow attackers to execute arbitrar...
This vulnerability allows memory corruption when handling large GPR packets between user and root contexts in Qualcomm components. Attackers could potentially execute arbitrary code with elevated priv...
This CVE describes a cryptographic vulnerability in RSA PKCS padding decoding that could allow attackers to decrypt sensitive data or forge digital signatures. It affects Qualcomm products implementin...
This vulnerability allows attackers to cause a Denial of Service (DoS) condition in affected Qualcomm systems by sending specially crafted CCCH data with invalid length. The vulnerability affects mobi...
This vulnerability allows unauthorized information disclosure when creating MQ channels in affected Qualcomm products. Attackers can potentially access sensitive data that should be protected. This af...
CVE-2024-33056 is a memory corruption vulnerability in Qualcomm's Shared Memory (SMEM) subsystem that allows attackers to potentially execute arbitrary code or cause denial of service. This affects de...
This vulnerability allows attackers to cause a denial-of-service (DoS) condition in mobile devices by sending specially crafted MAC RAR messages with invalid PDU lengths, triggering a modem reset. It ...
This vulnerability involves a cryptographic issue in RSA key parsing in COBR format, potentially allowing attackers to bypass cryptographic protections or cause denial of service. It affects systems u...
This vulnerability allows attackers to cause a denial of service (DoS) in NAS (Network Access Stratum) implementations by sending specially crafted ODAC criteria in registration accept OTA messages. I...
This vulnerability involves memory corruption when an invoke call and a TEE (Trusted Execution Environment) call target the same trusted application simultaneously. It affects devices with Qualcomm ch...
This vulnerability allows a denial-of-service attack when loading Trusted Application (TA) ELF files on Qualcomm chipsets. It affects devices using Qualcomm processors with vulnerable firmware. Attack...
CVE-2023-33049 is a heap memory leak vulnerability in Qualcomm's Multi-Mode Call Processor that can cause a denial of service (DoS) when user equipment (UE) fails. This affects mobile devices and infr...
This vulnerability allows information disclosure in Qualcomm modem chipsets while processing System Information Block 5 (SIB5) messages. Attackers can potentially access sensitive information from aff...
This CVE describes a race condition vulnerability in Qualcomm's PCM host voice audio driver where improper session index handling during event callbacks and PCM close operations can lead to memory cor...
This vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition in Qualcomm's Data Modem during DTLS handshake processing. It affects devices using Qualcomm chipsets with vuln...
This vulnerability in Qualcomm Core services allows information disclosure when processing Diag commands. Attackers could potentially access sensitive system information without proper authorization. ...
This vulnerability allows a denial-of-service (DoS) attack on Qualcomm modems when a beam switch request is made with a non-configured bandwidth part (BWP). It affects devices using Qualcomm modems wi...
This vulnerability allows memory corruption in Qualcomm modem UTILS when processing Diag commands with arbitrary address values. Attackers could potentially execute arbitrary code or cause denial of s...
This vulnerability allows memory corruption while loading ELF segments in the Trusted Execution Environment (TEE) kernel. Attackers could potentially execute arbitrary code in the TEE, compromising se...
This vulnerability allows memory corruption in Qualcomm's Core due to improper secure memory access while loading modem images. Attackers could potentially execute arbitrary code or cause denial of se...
This vulnerability allows memory corruption in Qualcomm's Core component when invoking calls to the Access Control core library with hardware-protected address ranges. It affects devices using Qualcom...
This vulnerability allows information disclosure in Qualcomm data modems during VoLTE calls when an undefined RTCP FB line value is processed. Attackers could potentially access sensitive information ...
This vulnerability allows memory corruption in Qualcomm data modem chipsets during mobile-originated or mobile-terminated VoLTE calls. Attackers could potentially execute arbitrary code or cause denia...
CVE-2022-40521 is an improper authorization vulnerability in Qualcomm modem firmware that allows attackers to cause a transient denial of service (DoS) by sending specially crafted requests. This affe...
This vulnerability allows attackers to exploit indirect branch misprediction in Qualcomm chipsets to leak sensitive information from the kernel memory. It affects devices using vulnerable Qualcomm Sna...
This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm modems by sending specially crafted OTA (Over-The-Air) messages without proper authentication. It affects m...
This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm modems by sending invalid network configuration data. The modem crashes due to a reachable assertion when p...
CVE-2022-33264 is a stack-based buffer overflow vulnerability in Qualcomm modem firmware that allows memory corruption when parsing OTASP Key Generation Request Messages. Successful exploitation could...
This vulnerability allows a denial-of-service (DoS) attack on mobile devices by sending a specially crafted Downlink Data Indication message to the modem. When exploited, it triggers a reachable asser...
This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm modems by sending specially crafted invalid messages on the DCCH channel. The NULL pointer dereference can ...
This vulnerability is a time-of-check time-of-use (TOCTOU) race condition in Qualcomm modem firmware that allows a transient denial-of-service (DoS) attack when processing RRC Reconfiguration messages...
This vulnerability allows attackers to read sensitive information from image processing operations by manipulating offset and size parameters. It affects systems using Qualcomm components with vulnera...
This vulnerability allows attackers to read sensitive information from memory when processing specially crafted MBN files. It affects systems using Qualcomm chipsets that process MBN files, potentiall...