Qualcomm Video Collaboration Vc3 Platform Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Video Collaboration Vc3 Platform Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-43551 — CVSS 9.1 (critical): Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send…
CVE-2024-23372 — CVSS 8.4 (high): Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.
CVE-2024-23351 — CVSS 8.4 (high): Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.
CVE-2023-33113 — CVSS 8.4 (high): Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-33114 — CVSS 8.4 (high): Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
CVE-2024-33035 — CVSS 8.4 (high): Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.
CVE-2024-33034 — CVSS 8.4 (high): Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory…
CVE-2024-33028 — CVSS 8.4 (high): Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVE-2024-33027 — CVSS 8.4 (high): Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page…
CVE-2023-33092 — CVSS 8.4 (high): Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
CVE-2026-24088 — CVSS 8.2 (high): Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVE-2025-21488 — CVSS 8.2 (high): Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
CVE-2024-53026 — CVSS 8.2 (high): Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
CVE-2025-21427 — CVSS 8.2 (high): Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
CVE-2024-45552 — CVSS 8.2 (high): Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC…
CVE-2025-21484 — CVSS 8.2 (high): Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
CVE-2024-38408 — CVSS 8.2 (high): Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
CVE-2024-33073 — CVSS 8.2 (high): Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
CVE-2024-23359 — CVSS 8.2 (high): Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.
CVE-2025-21487 — CVSS 8.2 (high): Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the…
CVE-2024-49841 — CVSS 7.8 (high): Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2023-28550 — CVSS 7.8 (high): Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28551 — CVSS 7.8 (high): Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-28587 — CVSS 7.8 (high): Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
CVE-2023-33115 — CVSS 7.8 (high): Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
CVE-2023-33117 — CVSS 7.8 (high): Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE…
CVE-2023-33118 — CVSS 7.8 (high): Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter…
CVE-2023-43513 — CVSS 7.8 (high): Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary…
CVE-2023-43542 — CVSS 7.8 (high): Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
CVE-2023-43550 — CVSS 7.8 (high): Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
CVE-2024-38410 — CVSS 7.8 (high): Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
CVE-2024-43066 — CVSS 7.8 (high): Memory corruption while handling file descriptor during listener registration/de-registration.
CVE-2024-43067 — CVSS 7.8 (high): Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.
CVE-2024-45542 — CVSS 7.8 (high): Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2024-45560 — CVSS 7.8 (high): Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.
CVE-2024-45564 — CVSS 7.8 (high): Memory corruption during concurrent access to server info object due to incorrect reference count update.
CVE-2024-45571 — CVSS 7.8 (high): Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
CVE-2024-45573 — CVSS 7.8 (high): Memory corruption may occour while generating test pattern due to negative indexing of display ID.
CVE-2025-21439 — CVSS 7.8 (high): Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
CVE-2025-21440 — CVSS 7.8 (high): Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2025-21441 — CVSS 7.8 (high): Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2025-21453 — CVSS 7.8 (high): Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2025-21456 — CVSS 7.8 (high): Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.
CVE-2025-21468 — CVSS 7.8 (high): Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character…
CVE-2025-21469 — CVSS 7.8 (high): Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
CVE-2025-21470 — CVSS 7.8 (high): Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
CVE-2025-27031 — CVSS 7.8 (high): memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
CVE-2025-27032 — CVSS 7.8 (high): memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
CVE-2025-27061 — CVSS 7.8 (high): Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.