CVE-2024-21452: Improper Input Validation in Automotive Telematics
First published: Mon Apr 01 2024(Updated: )
Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Qualcomm C-V2X 9150 | ||
| Qualcomm C-V2X 9150 Firmware | ||
| All of | ||
| Qualcomm QCA6584AU Firmware | ||
| Qualcomm QCA6584AU firmware | ||
| All of | ||
| Qualcomm QCA6698AQ | ||
| Qualcomm QCA6698AQ Firmware | ||
| All of | ||
| Qualcomm Auto 5G Modem-RF Firmware | ||
| Qualcomm Auto 5G Modem-RF Firmware | ||
| All of | ||
| Qualcomm Snapdragon Auto 5G-RF Gen 2 Firmware | ||
| Qualcomm Snapdragon Auto 5G Modem-RF | ||
| All of | ||
| Qualcomm Snapdragon Auto 4G Modem | ||
| Qualcomm Snapdragon Auto 4G Modem Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-21452?
CVE-2024-21452 has been rated as a transient Denial of Service vulnerability that arises during the decoding of ASN.1 OER messages.
How do I fix CVE-2024-21452?
To mitigate CVE-2024-21452, it is advised to apply the necessary security patches released by Qualcomm for the affected firmware.
Which Qualcomm firmware is affected by CVE-2024-21452?
CVE-2024-21452 impacts Qualcomm firmware versions across various products including C-v2x 9150, Qca6584au, Qca6698aq, and Snapdragon Auto series.
What could be the potential impact of exploiting CVE-2024-21452?
Exploitation of CVE-2024-21452 may lead to a Denial of Service condition, affecting the availability of the device.
Is there an official advisory for CVE-2024-21452?
Yes, Qualcomm has provided a security bulletin addressing CVE-2024-21452 with recommended actions for affected users.
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/qualcomm
- canonical/qualcomm c-v2x 9150
- canonical/qualcomm c-v2x 9150 firmware
- canonical/qualcomm qca6584au firmware
- canonical/qualcomm qca6698aq
- canonical/qualcomm qca6698aq firmware
- canonical/qualcomm auto 5g modem-rf firmware
- canonical/qualcomm snapdragon auto 5g-rf gen 2 firmware
- canonical/qualcomm snapdragon auto 5g modem-rf
- canonical/qualcomm snapdragon auto 4g modem
- canonical/qualcomm snapdragon auto 4g modem firmware