Qualcomm Ar6003 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Ar6003 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2022-25720 — CVSS 9.8 (critical): Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1975 — CVSS 9.8 (critical): Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1972 — CVSS 9.8 (critical): Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11170 — CVSS 9.8 (critical): Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in…
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11177 — CVSS 8.8 (high): User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in…
CVE-2021-30261 — CVSS 8.4 (high): Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in…
CVE-2021-35115 — CVSS 8.4 (high): Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile
CVE-2022-25682 — CVSS 8.4 (high): Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2020-11191 — CVSS 8.2 (high): Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute…
CVE-2023-24848 — CVSS 8.2 (high): Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2022-33264 — CVSS 7.9 (high): Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2021-1973 — CVSS 7.8 (high): A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-30268 — CVSS 7.8 (high): Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon…
CVE-2020-11292 — CVSS 7.8 (high): Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon…
CVE-2021-30273 — CVSS 7.5 (high): Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon…
CVE-2021-30293 — CVSS 7.5 (high): Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2021-30344 — CVSS 7.5 (high): Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11279 — CVSS 7.5 (high): Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto…
CVE-2021-1955 — CVSS 7.5 (high): Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute…
CVE-2021-30284 — CVSS 7.5 (high): Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto…
CVE-2021-30270 — CVSS 7.3 (high): Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon…
CVE-2022-33289 — CVSS 6.8 (medium): Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
CVE-2022-33302 — CVSS 6.8 (medium): Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.