CVE-2024-38425
6.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
Information disclosure while sending implicit broadcast containing APP launch information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 7800 | affected |
| Qualcomm, Inc. | Snapdragon | SM7435 | affected |
| Qualcomm, Inc. | Snapdragon | SM8635 | affected |
| Qualcomm, Inc. | Snapdragon | SM8750 | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 4 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 4 Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 480 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 480+ 5G Mobile Platform (SM4350-AC) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 6 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 662 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 680 4G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 685 4G Mobile Platform (SM6225-AD) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 695 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 7 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 7+ Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 3 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8+ Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8+ Gen 2 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8830 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8835 | affected |
Weaknesses
- CWE-285: CWE-285 Improper Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.