Information Disclosure in APP Launch Information on Qualcomm Products
CVE-2024-38425

6.1MEDIUM

Key Information:

Vendor: Qualcomm
Status: Wsa8835 Firmware
Vendor: CVE Published:; 7 October 2024

Summary

A vulnerability exists in Qualcomm mobile platforms that may allow for the unintentional disclosure of information through the use of implicit broadcasts. Such broadcasts include APP launch information, which could be exploited to gain sensitive data. It is crucial for organizations leveraging Qualcomm technologies to implement appropriate security measures to safeguard against potential data exposure from affected devices.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 7, 2024