Qualcomm Fastconnect 7800 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Fastconnect 7800 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2023-43534 — CVSS 8.6 (high): Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
CVE-2023-43520 — CVSS 8.6 (high): Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
CVE-2023-33119 — CVSS 8.4 (high): Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
CVE-2023-24844 — CVSS 8.4 (high): Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.
CVE-2023-33092 — CVSS 8.4 (high): Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
CVE-2024-33035 — CVSS 8.4 (high): Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.
CVE-2024-33034 — CVSS 8.4 (high): Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory…
CVE-2024-33028 — CVSS 8.4 (high): Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVE-2024-33023 — CVSS 8.4 (high): Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
CVE-2024-53019 — CVSS 8.2 (high): Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
CVE-2025-21484 — CVSS 8.2 (high): Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
CVE-2025-21487 — CVSS 8.2 (high): Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the…
CVE-2024-45552 — CVSS 8.2 (high): Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC…
CVE-2024-38408 — CVSS 8.2 (high): Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2025-21488 — CVSS 8.2 (high): Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
CVE-2026-24088 — CVSS 8.2 (high): Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVE-2024-33073 — CVSS 8.2 (high): Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-53011 — CVSS 7.9 (high): Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
CVE-2023-28550 — CVSS 7.8 (high): Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28551 — CVSS 7.8 (high): Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33115 — CVSS 7.8 (high): Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-33117 — CVSS 7.8 (high): Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE…
CVE-2023-33118 — CVSS 7.8 (high): Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter…
CVE-2023-43513 — CVSS 7.8 (high): Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary…
CVE-2024-38410 — CVSS 7.8 (high): Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
CVE-2024-43060 — CVSS 7.8 (high): Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
CVE-2024-43061 — CVSS 7.8 (high): Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in…
CVE-2024-43062 — CVSS 7.8 (high): Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
CVE-2024-43066 — CVSS 7.8 (high): Memory corruption while handling file descriptor during listener registration/de-registration.
CVE-2024-43067 — CVSS 7.8 (high): Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.
CVE-2024-45542 — CVSS 7.8 (high): Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2024-45546 — CVSS 7.8 (high): Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
CVE-2024-45547 — CVSS 7.8 (high): Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
CVE-2024-45548 — CVSS 7.8 (high): Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.
CVE-2024-45550 — CVSS 7.8 (high): Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.
CVE-2024-45553 — CVSS 7.8 (high): Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another…
CVE-2024-45554 — CVSS 7.8 (high): Memory corruption during concurrent SSR execution due to race condition on the global maps list.
CVE-2024-45557 — CVSS 7.8 (high): Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
CVE-2024-45560 — CVSS 7.8 (high): Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.
CVE-2024-45571 — CVSS 7.8 (high): Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2024-45573 — CVSS 7.8 (high): Memory corruption may occour while generating test pattern due to negative indexing of display ID.
CVE-2024-45579 — CVSS 7.8 (high): Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a…