{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21453", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "state": "PUBLISHED", "assignerShortName": "qualcomm", "dateReserved": "2023-12-12T06:07:46.902Z", "datePublished": "2024-04-01T15:06:01.731Z", "dateUpdated": "2024-08-01T22:20:40.696Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Snapdragon Auto", "Snapdragon Consumer IOT"], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "C-V2X 9150"}, {"status": "affected", "version": "QCS410"}, {"status": "affected", "version": "QCS610"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform"}, {"status": "affected", "version": "Snapdragon Auto 5G Modem-RF"}, {"status": "affected", "version": "Snapdragon Auto 4G Modem"}, {"status": "affected", "version": "WCD9341"}, {"status": "affected", "version": "WCD9370"}, {"status": "affected", "version": "WCN3950"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WSA8810"}, {"status": "affected", "version": "WSA8815"}]}], "descriptions": [{"lang": "en", "value": "Transient DOS while decoding message of size that exceeds the available system memory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2024-04-12T08:39:02.719Z"}, "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"}], "title": "Improper Input Validation in Automotive Telematics"}, "adp": [{"affected": [{"vendor": "qualcomm", "product": "wcn3980", "cpes": ["cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "wsa8810", "cpes": ["cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "c-v2x_9150", "cpes": ["cpe:2.3:a:qualcomm:c-v2x_9150:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "qcs410", "cpes": ["cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "qcs610", "cpes": ["cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "video_collaboration_vc1", "cpes": ["cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "video_collaboration_vc3", "cpes": ["cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "snapdragon_auto_5g_modem-rf", "cpes": ["cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "snapdragon_auto_4g_modem", "cpes": ["cpe:2.3:a:qualcomm:snapdragon_auto_4g_modem:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "wcd9341", "cpes": ["cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "wcd9370", "cpes": ["cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "wcn3950", "cpes": ["cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "qualcomm", "product": "wsa8815", "cpes": ["cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-01T18:14:42.283096Z", "id": "CVE-2024-21453", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T14:05:32.525Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:20:40.696Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:20:40.696Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21453", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-01T18:14:42.283096Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcn3980", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8810", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:qualcomm:c-v2x_9150:*:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "c-v2x_9150", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "qcs410", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "qcs610", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "video_collaboration_vc1", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "video_collaboration_vc3", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "snapdragon_auto_5g_modem-rf", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:qualcomm:snapdragon_auto_4g_modem:*:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "snapdragon_auto_4g_modem", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcd9341", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcd9370", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcn3950", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8815", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T13:51:06.193Z"}}], "cna": {"title": "Improper Input Validation in Automotive Telematics", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Qualcomm, Inc.", "product": "Snapdragon", "versions": [{"status": "affected", "version": "C-V2X 9150"}, {"status": "affected", "version": "QCS410"}, {"status": "affected", "version": "QCS610"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform"}, {"status": "affected", "version": "Snapdragon Auto 5G Modem-RF"}, {"status": "affected", "version": "Snapdragon Auto 4G Modem"}, {"status": "affected", "version": "WCD9341"}, {"status": "affected", "version": "WCD9370"}, {"status": "affected", "version": "WCN3950"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WSA8810"}, {"status": "affected", "version": "WSA8815"}], "platforms": ["Snapdragon Auto", "Snapdragon Consumer IOT"], "defaultStatus": "unaffected"}], "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"}], "descriptions": [{"lang": "en", "value": "Transient DOS while decoding message of size that exceeds the available system memory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2024-04-12T08:39:02.719Z"}}}, "cveMetadata": {"cveId": "CVE-2024-21453", "state": "PUBLISHED", "dateUpdated": "2024-08-01T22:20:40.696Z", "dateReserved": "2023-12-12T06:07:46.902Z", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "datePublished": "2024-04-01T15:06:01.731Z", "assignerShortName": "qualcomm"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A725088-FC3B-4439-9189-72AA10954721", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*", "matchCriteriaId": "B80D6366-4C0C-4C0D-9A38-769C66D62F0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25811F6A-AC23-4DCC-A987-B91E98EA7FB0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB0C4385-336B-4E10-B776-0AE51EBB6A12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77397AFD-F4B1-437E-AB50-99EE6F305859", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*", "matchCriteriaId": "50FAF626-07C9-42CB-B92B-C263D66CF27D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Transient DOS while decoding message of size that exceeds the available system memory."}, {"lang": "es", "value": "DOS transitorio mientras se decodifica un mensaje de tama\u00f1o que excede la memoria disponible del sistema."}], "id": "CVE-2024-21453", "lastModified": "2025-01-13T21:55:00.293", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "product-security@qualcomm.com", "type": "Secondary"}]}, "published": "2024-04-01T15:15:48.417", "references": [{"source": "product-security@qualcomm.com", "tags": ["Vendor Advisory"], "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "product-security@qualcomm.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}