Information Disclosure in Qualcomm RTP Packet Decoding
CVE-2024-53019

8.2HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 June 2025

What is CVE-2024-53019?

An information disclosure vulnerability exists in Qualcomm's RTP (Real-time Transport Protocol) decoder due to improper handling of header lengths for the number of contributing sources in RTP packets. This can lead to the unintended exposure of sensitive information. Users are advised to implement preventative measures and check for updates to mitigate potential risks.

Affected Version(s)

Snapdragon Snapdragon Auto FastConnect 6200

Snapdragon Snapdragon Auto FastConnect 6700

Snapdragon Snapdragon Auto FastConnect 6900

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2025
Vulnerability Reserved
Nov 19, 2024