Memory Corruption Vulnerability in Qualcomm Products
CVE-2024-45569

9.8CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 February 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

This vulnerability involves memory corruption during the parsing of the ML Information Element (IE) due to improperly formatted frame content. Attackers could exploit this flaw to execute arbitrary code, potentially leading to unauthorized access or disruption of services. It highlights the necessity for robust validation mechanisms in parsing operations to safeguard against such threats.

Affected Version(s)

Snapdragon Snapdragon Auto AR8035

Snapdragon Snapdragon Auto CSR8811

Snapdragon Snapdragon Auto FastConnect 6700

News Articles

🔗BleepingComputer

CVE-2024-45569

Google fixes Android kernel zero-day exploited in attacks

The January 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild.

1 week ago

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Feb 3, 2025
📰
First article discovered by BleepingComputer
Feb 3, 2025
Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Sep 2, 2024

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Google fixes Android kernel zero-day exploited in attacks

References

CVSS V3.1

Timeline