What is the severity of CVE-2024-38414?

CVE-2024-38414 is classified as an information disclosure vulnerability.

What types of devices are affected by CVE-2024-38414?

CVE-2024-38414 affects various Qualcomm firmware images used in devices like Fastconnect and Snapdragon.

How can I mitigate CVE-2024-38414?

To mitigate CVE-2024-38414, update to the latest firmware version provided by Qualcomm.

Can CVE-2024-38414 be exploited remotely?

Yes, CVE-2024-38414 has the potential for remote exploitation due to information disclosure.

What kind of data is at risk from CVE-2024-38414?

CVE-2024-38414 may expose sensitive information during the processing of firmware images.

Vulnerability/
CVE-2024-38414

medium

6.1

CWE

126 125

3/2/2025

5/2/2025

CVE-2024-38414

First published: Mon Feb 03 2025(Updated: )

Information disclosure while processing information on firmware image during core initialization.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
qualcomm fastconnect 6900 Firmware
qualcomm fastconnect 6900
All of
qualcomm fastconnect 7800 firmware
qualcomm fastconnect 7800
All of
qualcomm qam8295p firmware
qualcomm qam8295p
All of
Qualcomm qca6174a firmware
Qualcomm qca6174a
All of
qualcomm qca6574au firmware
qualcomm qca6574au
All of
qualcomm qca6696 firmware
qualcomm qca6696
All of
Qualcomm sa6145p firmware
Qualcomm sa6145p
All of
Qualcomm sa6150p firmware
Qualcomm sa6150p
All of
Qualcomm Sa6155p Firmware
qualcomm SA6155P
All of
qualcomm sa8145p firmware
qualcomm sa8145p
All of
Qualcomm sa8150p firmware
Qualcomm sa8150p
All of
Qualcomm sa8155p firmware
Qualcomm sa8155p
All of
Qualcomm sa8195p firmware
Qualcomm sa8195p
All of
qualcomm sa8295p firmware
qualcomm sa8295p
All of
qualcomm sa8530p firmware
qualcomm sa8530p
All of
Qualcomm sa8540p firmware
Qualcomm sa8540p
All of
qualcomm sa9000p firmware
qualcomm sa9000p
All of
qualcomm snapdragon 8 gen 1 mobile firmware
Qualcomm Snapdragon 8 Gen 1
All of
qualcomm snapdragon 888 5g mobile firmware
qualcomm snapdragon 888 5g mobile
All of
qualcomm snapdragon 888\+ 5g mobile firmware
qualcomm snapdragon 888\+ 5g mobile
All of
qualcomm snapdragon w5\+ gen 1 wearable firmware
qualcomm snapdragon w5\+ gen 1 wearable
All of
qualcomm sw5100 firmware
qualcomm sw5100
All of
qualcomm sw5100p firmware
qualcomm sw5100p
All of
qualcomm wcd9380 firmware
qualcomm wcd9380
All of
qualcomm wcd9385 firmware
qualcomm wcd9385
All of
qualcomm wcn3980 firmware
Qualcomm Wcn3980
All of
qualcomm wcn3988 firmware
Qualcomm WCN3988
All of
qualcomm wsa8830 firmware
qualcomm wsa8830
All of
qualcomm wsa8835 firmware
qualcomm wsa8835

Remedy

https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html

Frequently Asked Questions

What is the severity of CVE-2024-38414?
CVE-2024-38414 is classified as an information disclosure vulnerability.
What types of devices are affected by CVE-2024-38414?
CVE-2024-38414 affects various Qualcomm firmware images used in devices like Fastconnect and Snapdragon.
How can I mitigate CVE-2024-38414?
To mitigate CVE-2024-38414, update to the latest firmware version provided by Qualcomm.
Can CVE-2024-38414 be exploited remotely?
Yes, CVE-2024-38414 has the potential for remote exploitation due to information disclosure.
What kind of data is at risk from CVE-2024-38414?
CVE-2024-38414 may expose sensitive information during the processing of firmware images.

CVE-2024-38414

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-38414?

What types of devices are affected by CVE-2024-38414?

How can I mitigate CVE-2024-38414?

Can CVE-2024-38414 be exploited remotely?

What kind of data is at risk from CVE-2024-38414?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-38414?

What types of devices are affected by CVE-2024-38414?

How can I mitigate CVE-2024-38414?

Can CVE-2024-38414 be exploited remotely?

What kind of data is at risk from CVE-2024-38414?