Log Manager Vulnerable to Memory Corruption via File Redirection
CVE-2024-21473

9.8CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 1 April 2024

Badges

📰 News Worthy

What is CVE-2024-21473?

A vulnerability has been identified that allows memory corruption when redirecting log files to arbitrary file locations and names in Qualcomm products. This flaw could lead to unauthorized access to sensitive files, compromised system integrity, and potential exploitation by attackers. Proper management and mitigation measures must be adopted to safeguard against this vulnerability.

Affected Version(s)

Snapdragon Snapdragon Mobile AR8035

Snapdragon Snapdragon Mobile AR9380

Snapdragon Snapdragon Mobile CSR8811

News Articles

prophaze.com

CVE-2024-21473

CVE-2024-21473 : QUALCOMM SNAPDRAGON FILE NAME MEMORY CORRUPTION - Cloud WAF

CVE-2024-21473 : Memory corruption while redirecting log file to any file location with any file name.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by prophaze.com
Apr 2, 2024
Vulnerability published
Apr 1, 2024