Qualcomm Component Vulnerability: DC-2024-23350 (Medium)

2024-11-26

Platform: Qualcomm Multi-mode Call Processor

Version: Not Applicable (Affects All Versions)

Vulnerability: Denial-of-Service (DoS)

Severity: Medium

Date: August 5, 2024 (Published), November 26, 2024 (Updated)

What Undercode Says:

This article describes a vulnerability (CVE-2024-23350) in a Qualcomm multi-mode call processor that can be exploited to cause a Denial-of-Service (DoS) condition. The DoS occurs when the device receives a specific combination of network messages. While the details of the exploit aren’t publicly available, it’s classified as medium severity.

Here’s a breakdown of the issue:

Vulnerability: The device can crash if it receives specific network messages in a particular sequence. One message must have a failed integrity check, and the other needs to be a Location Positioning Protocol (LPP) message.
Impact: The device can become unresponsive and require a reboot to function again.
It’s important to note that:

The specific requirements to trigger the DoS are not publicly available.
Qualcomm has likely addressed this vulnerability in their latest updates.

What to do:

Keep your Android device updated with the latest security patches from your manufacturer.
If you suspect your device is experiencing DoS attacks, consult a security professional for assistance.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top