Memory Corruption Vulnerability in Qualcomm Products
CVE-2024-45569

9.8CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 February 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-45569?

This vulnerability involves memory corruption during the parsing of the ML Information Element (IE) due to improperly formatted frame content. Attackers could exploit this flaw to execute arbitrary code, potentially leading to unauthorized access or disruption of services. It highlights the necessity for robust validation mechanisms in parsing operations to safeguard against such threats.

Affected Version(s)

Snapdragon Snapdragon Auto AR8035

Snapdragon Snapdragon Auto CSR8811

Snapdragon Snapdragon Auto FastConnect 6700

News Articles

BleepingComputer

CVE-2024-45569

Google fixes Android kernel zero-day exploited in attacks

The January 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Feb 3, 2025
📰
First article discovered by BleepingComputer
Feb 3, 2025
Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Sep 2, 2024