Vulnerabilities > Qualcomm > Snapdragon X70 Modem RF System Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-28551 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |
| 2023-12-05 | CVE-2023-28585 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while loading an ELF segment in TEE Kernel. | 8.8 |
| 2023-12-05 | CVE-2023-33018 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption while using the UIM diag command to get the operators name. | 7.8 |
| 2023-12-05 | CVE-2023-33042 | Improper Input Validation vulnerability in Qualcomm products Transient DOS in Modem after RRC Setup message is received. | 7.5 |
| 2023-12-05 | CVE-2023-33043 | Reachable Assertion vulnerability in Qualcomm products Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. | 7.5 |
| 2023-12-05 | CVE-2023-33044 | Reachable Assertion vulnerability in Qualcomm products Transient DOS in Data modem while handling TLB control messages from the Network. | 7.5 |
| 2023-11-07 | CVE-2023-24852 | Out-of-bounds Write vulnerability in Qualcomm products Memory Corruption in Core due to secure memory access by user while loading modem image. | 7.8 |
| 2023-11-07 | CVE-2023-28545 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in TZ Secure OS while loading an app ELF. | 7.8 |
| 2023-11-07 | CVE-2023-28574 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in core services when Diag handler receives a command to configure event listeners. | 7.8 |
| 2023-10-03 | CVE-2023-24844 | Unspecified vulnerability in Qualcomm products Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range. | 7.8 |