Vulnerabilities > Qualcomm > Snapdragon X70 Modem RF System Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2023-33110 | Race Condition vulnerability in Qualcomm products The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | 7.0 |
| 2023-12-05 | CVE-2023-28550 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
| 2023-12-05 | CVE-2023-28551 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |
| 2023-12-05 | CVE-2023-28585 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while loading an ELF segment in TEE Kernel. | 8.8 |
| 2023-12-05 | CVE-2023-33018 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption while using the UIM diag command to get the operators name. | 7.8 |
| 2023-12-05 | CVE-2023-33042 | Improper Input Validation vulnerability in Qualcomm products Transient DOS in Modem after RRC Setup message is received. | 7.5 |
| 2023-12-05 | CVE-2023-33043 | Reachable Assertion vulnerability in Qualcomm products Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. | 7.5 |
| 2023-12-05 | CVE-2023-33044 | Reachable Assertion vulnerability in Qualcomm products Transient DOS in Data modem while handling TLB control messages from the Network. | 7.5 |
| 2023-11-07 | CVE-2023-24852 | Out-of-bounds Write vulnerability in Qualcomm products Memory Corruption in Core due to secure memory access by user while loading modem image. | 7.8 |
| 2023-11-07 | CVE-2023-28545 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in TZ Secure OS while loading an app ELF. | 7.8 |