Qualcomm Immersive Home 214 Platform Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Immersive Home 214 Platform Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2024-33073 — CVSS 8.2 (high): Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2026-24088 — CVSS 8.2 (high): Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVE-2024-38408 — CVSS 8.2 (high): Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2023-43513 — CVSS 7.8 (high): Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary…
CVE-2024-33024 — CVSS 7.5 (high): Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVE-2024-33025 — CVSS 7.5 (high): Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-33026 — CVSS 7.5 (high): Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
CVE-2024-33049 — CVSS 7.5 (high): Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-33011 — CVSS 7.5 (high): Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2023-43511 — CVSS 7.5 (high): Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next…
CVE-2024-33012 — CVSS 7.5 (high): Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33013 — CVSS 7.5 (high): Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2024-33015 — CVSS 7.5 (high): Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor…
CVE-2024-21482 — CVSS 6.8 (medium): Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs…