CVE-2024-38425: Improper Authorization in Performance
First published: Mon Oct 07 2024(Updated: )
Information disclosure while sending implicit broadcast containing APP launch information.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| qualcomm wsa8835 firmware | ||
| qualcomm wsa8835 | ||
| All of | ||
| qualcomm wsa8830 firmware | ||
| qualcomm wsa8830 | ||
| All of | ||
| qualcomm wcd9380 firmware | ||
| qualcomm wcd9380 | ||
| All of | ||
| qualcomm snapdragon 8\+ gen 2 mobile platform firmware | ||
| qualcomm snapdragon 8\+ gen 2 mobile platform | ||
| All of | ||
| qualcomm snapdragon 8\+ gen 1 mobile platform firmware | ||
| qualcomm snapdragon 8\+ gen 1 mobile platform | ||
| All of | ||
| Qualcomm Snapdragon 8 Gen 3 Mobile Firmware | ||
| Qualcomm snapdragon 8 gen 3 mobile platform | ||
| All of | ||
| qualcomm snapdragon 8 gen 2 mobile platform firmware | ||
| qualcomm snapdragon 8 gen 2 mobile platform | ||
| All of | ||
| qualcomm snapdragon 8 gen 1 mobile platform firmware | ||
| qualcomm snapdragon 8 gen 1 mobile platform | ||
| All of | ||
| Qualcomm Snapdragon 7+ Gen 2 Mobile Platform Firmware | ||
| Qualcomm Snapdragon 7+ Gen 2 Mobile Platform | ||
| All of | ||
| Qualcomm Snapdragon 7 Gen 1 Mobile Platform Firmware | ||
| Qualcomm Snapdragon 7 Gen 1 Mobile Platform Firmware | ||
| All of | ||
| qualcomm snapdragon 695 5g mobile platform Firmware | ||
| qualcomm snapdragon 695 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 685 4g mobile platform \(sm6225-ad\) firmware | ||
| qualcomm snapdragon 685 4g mobile platform \(sm6225-ad\) | ||
| All of | ||
| qualcomm snapdragon 680 4g mobile platform Firmware | ||
| qualcomm snapdragon 680 4g mobile platform | ||
| All of | ||
| qualcomm snapdragon 662 mobile platform Firmware | ||
| qualcomm snapdragon 662 mobile platform | ||
| All of | ||
| Qualcomm Snapdragon 6 Gen 1 Mobile Platform Firmware | ||
| Qualcomm Snapdragon 6 Gen 1 Mobile Platform Firmware | ||
| All of | ||
| qualcomm snapdragon 480\+ 5g mobile platform \(sm4350-ac\) firmware | ||
| qualcomm snapdragon 480\+ 5g mobile platform \(sm4350-ac\) | ||
| All of | ||
| qualcomm snapdragon 480 5g mobile platform Firmware | ||
| qualcomm snapdragon 480 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 4 gen 2 mobile platform Firmware | ||
| qualcomm snapdragon 4 gen 2 mobile platform | ||
| All of | ||
| qualcomm snapdragon 4 gen 1 mobile platform Firmware | ||
| qualcomm snapdragon 4 gen 1 mobile platform | ||
| All of | ||
| qualcomm sm8750 firmware | ||
| qualcomm sm8750 | ||
| All of | ||
| qualcomm sm8635 firmware | ||
| qualcomm sm8635 | ||
| All of | ||
| qualcomm sm7435 firmware | ||
| qualcomm sm7435 | ||
| All of | ||
| qualcomm fastconnect 7800 firmware | ||
| qualcomm fastconnect 7800 | ||
| All of | ||
| qualcomm fastconnect 6900 Firmware | ||
| qualcomm fastconnect 6900 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-38425?
CVE-2024-38425 is classified as a medium severity vulnerability due to information disclosure risks.
What kind of information is disclosed by CVE-2024-38425?
CVE-2024-38425 allows malicious actors to access APP launch information via implicit broadcast.
How do I mitigate CVE-2024-38425?
To mitigate CVE-2024-38425, ensure your Qualcomm firmware is updated to the latest version as advised in the security bulletin.
Which Qualcomm products are affected by CVE-2024-38425?
CVE-2024-38425 affects various Qualcomm firmware, including the WSA8835, WSA8830, and multiple Snapdragon mobile platform versions.
Is there a patch available for CVE-2024-38425?
Yes, patches for CVE-2024-38425 are included in the latest firmware updates from Qualcomm.
- agent/references
- agent/title
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/qualcomm
- canonical/qualcomm wsa8835 firmware
- canonical/qualcomm wsa8835
- canonical/qualcomm wsa8830 firmware
- canonical/qualcomm wsa8830
- canonical/qualcomm wcd9380 firmware
- canonical/qualcomm wcd9380
- canonical/qualcomm snapdragon 8\+ gen 2 mobile platform firmware
- canonical/qualcomm snapdragon 8\+ gen 2 mobile platform
- canonical/qualcomm snapdragon 8\+ gen 1 mobile platform firmware
- canonical/qualcomm snapdragon 8\+ gen 1 mobile platform
- canonical/qualcomm snapdragon 8 gen 3 mobile firmware
- canonical/qualcomm snapdragon 8 gen 3 mobile platform
- canonical/qualcomm snapdragon 8 gen 2 mobile platform firmware
- canonical/qualcomm snapdragon 8 gen 2 mobile platform
- canonical/qualcomm snapdragon 8 gen 1 mobile platform firmware
- canonical/qualcomm snapdragon 8 gen 1 mobile platform
- canonical/qualcomm snapdragon 7+ gen 2 mobile platform firmware
- canonical/qualcomm snapdragon 7+ gen 2 mobile platform
- canonical/qualcomm snapdragon 7 gen 1 mobile platform firmware
- canonical/qualcomm snapdragon 695 5g mobile platform firmware
- canonical/qualcomm snapdragon 695 5g mobile platform
- canonical/qualcomm snapdragon 685 4g mobile platform \(sm6225-ad\) firmware
- canonical/qualcomm snapdragon 685 4g mobile platform \(sm6225-ad\)
- canonical/qualcomm snapdragon 680 4g mobile platform firmware
- canonical/qualcomm snapdragon 680 4g mobile platform
- canonical/qualcomm snapdragon 662 mobile platform firmware
- canonical/qualcomm snapdragon 662 mobile platform
- canonical/qualcomm snapdragon 6 gen 1 mobile platform firmware
- canonical/qualcomm snapdragon 480\+ 5g mobile platform \(sm4350-ac\) firmware
- canonical/qualcomm snapdragon 480\+ 5g mobile platform \(sm4350-ac\)
- canonical/qualcomm snapdragon 480 5g mobile platform firmware
- canonical/qualcomm snapdragon 480 5g mobile platform
- canonical/qualcomm snapdragon 4 gen 2 mobile platform firmware
- canonical/qualcomm snapdragon 4 gen 2 mobile platform
- canonical/qualcomm snapdragon 4 gen 1 mobile platform firmware
- canonical/qualcomm snapdragon 4 gen 1 mobile platform
- canonical/qualcomm sm8750 firmware
- canonical/qualcomm sm8750
- canonical/qualcomm sm8635 firmware
- canonical/qualcomm sm8635
- canonical/qualcomm sm7435 firmware
- canonical/qualcomm sm7435
- canonical/qualcomm fastconnect 7800 firmware
- canonical/qualcomm fastconnect 7800
- canonical/qualcomm fastconnect 6900 firmware
- canonical/qualcomm fastconnect 6900