Qualcomm Video Collaboration Vc1 Platform Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Video Collaboration Vc1 Platform Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2024-33034 — CVSS 8.4 (high): Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory…
CVE-2023-33113 — CVSS 8.4 (high): Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-33114 — CVSS 8.4 (high): Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
CVE-2025-21487 — CVSS 8.2 (high): Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the…
CVE-2024-38408 — CVSS 8.2 (high): Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2025-21484 — CVSS 8.2 (high): Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
CVE-2024-53026 — CVSS 8.2 (high): Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
CVE-2023-24848 — CVSS 8.2 (high): Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2026-24088 — CVSS 8.2 (high): Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVE-2025-21488 — CVSS 8.2 (high): Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
CVE-2024-45552 — CVSS 8.2 (high): Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC…
CVE-2025-21427 — CVSS 8.2 (high): Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
CVE-2025-21468 — CVSS 7.8 (high): Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character…
CVE-2023-28550 — CVSS 7.8 (high): Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28551 — CVSS 7.8 (high): Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2026-24082 — CVSS 7.8 (high): Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
CVE-2025-47407 — CVSS 7.8 (high): Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
CVE-2025-47396 — CVSS 7.8 (high): Memory corruption occurs when a secure application is launched on a device with insufficient memory.
CVE-2025-47394 — CVSS 7.8 (high): Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
CVE-2025-47389 — CVSS 7.8 (high): Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
CVE-2023-33117 — CVSS 7.8 (high): Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE…
CVE-2023-33118 — CVSS 7.8 (high): Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter…
CVE-2023-43513 — CVSS 7.8 (high): Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary…
CVE-2025-47379 — CVSS 7.8 (high): Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of…
CVE-2023-43550 — CVSS 7.8 (high): Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
CVE-2024-21455 — CVSS 7.8 (high): Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.
CVE-2025-47377 — CVSS 7.8 (high): Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
CVE-2025-27061 — CVSS 7.8 (high): Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2024-43066 — CVSS 7.8 (high): Memory corruption while handling file descriptor during listener registration/de-registration.
CVE-2024-43067 — CVSS 7.8 (high): Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.
CVE-2025-21453 — CVSS 7.8 (high): Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2025-21456 — CVSS 7.8 (high): Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.
CVE-2023-33086 — CVSS 7.5 (high): Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.
CVE-2024-33050 — CVSS 7.5 (high): Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
CVE-2024-45558 — CVSS 7.5 (high): Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE…
CVE-2024-33011 — CVSS 7.5 (high): Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-33012 — CVSS 7.5 (high): Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33015 — CVSS 7.5 (high): Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor…
CVE-2023-43529 — CVSS 7.5 (high): Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2023-43511 — CVSS 7.5 (high): Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next…
CVE-2024-33032 — CVSS 6.7 (medium): Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.