Qualcomm Snapdragon Auto up to XR2+ Gen 1 Platform OCI IE buffer over-read

Summaryinfo

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Technology, Snapdragon WBC and Snapdragon Wearables. Impacted is an unknown function of the component OCI IE. This manipulation causes buffer over-read. This vulnerability is registered as CVE-2024-49838. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Technology, Snapdragon WBC and Snapdragon Wearables and classified as critical. Affected by this vulnerability is some unknown processing of the component OCI IE. The manipulation with an unknown input leads to a buffer over-read vulnerability. The CWE definition for the vulnerability is CWE-126. The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Information disclosure while parsing the OCI IE with invalid length.

It is possible to read the advisory at docs.qualcomm.com. This vulnerability is known as CVE-2024-49838 since 10/20/2024. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 09/06/2025).

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at CERT Bund (WID-SEC-2025-0477). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Affected

• Google Android

Productinfo

Type

• Chip Software

Vendor

• Qualcomm

Name

• Snapdragon Auto
• Snapdragon Compute
• Snapdragon Connectivity
• Snapdragon Consumer Electronics Connectivity
• Snapdragon Consumer IOT
• Snapdragon Industrial IOT
• Snapdragon Mobile
• Snapdragon Technology
• Snapdragon WBC
• Snapdragon Wearables

Version

• 4 Gen 1 Mobile Platform
• 4 Gen 2 Mobile Platform
• 8 Gen 1 Mobile Platform
• 8 Gen 2 Mobile Platform
• 8 Gen 3 Mobile Platform
• 8+ Gen 1 Mobile Platform
• 8+ Gen 2 Mobile Platform
• 460 Mobile Platform
• 480 5G Mobile Platform
• 480+ 5G Mobile Platform (SM4350-AC)
• 662 Mobile Platform
• 680 4G Mobile Platform
• 685 4G Mobile Platform (SM6225-AD)
• 695 5G Mobile Platform
• 865 5G Mobile Platform
• 865+ 5G Mobile Platform (SM8250-AB)
• 870 5G Mobile Platform (SM8250-AC)
• AR1 Gen 1 Platform
• AR1 Gen 1 Platform "Luna1"
• AR2 Gen 1 Platform
• AR8035
• Auto 5G Modem-RF Gen 2
• FastConnect 6200
• FastConnect 6700
• FastConnect 6800
• FastConnect 6900
• FastConnect 7800
• MDM9628
• QAM8255P
• QAM8295P
• QAM8620P
• QAM8650P
• QAM8775P
• QAMSRV1H
• QAMSRV1M
• QCA6174A
• QCA6391
• QCA6426
• QCA6436
• QCA6554A
• QCA6564A
• QCA6564AU
• QCA6574
• QCA6574A
• QCA6574AU
• QCA6584AU
• QCA6595
• QCA6595AU
• QCA6678AQ
• QCA6688AQ
• QCA6696
• QCA6698AQ
• QCA6777AQ
• QCA6787AQ
• QCA6797AQ
• QCA8081
• QCA8337
• QCA9367
• QCA9377
• QCC710
• QCC2073
• QCC2076
• QCM4325
• QCM4490
• QCM5430
• QCM6125
• QCM6490
• QCM8550
• QCN6024
• QCN6224
• QCN6274
• QCN9024
• QCN9274
• QCS615
• QCS4490
• QCS5430
• QCS6125
• QCS6490
• QCS7230
• QCS8250
• QCS8300
• QCS8550
• QCS9100
• QEP8111
• QFW7114
• QFW7124
• Qualcomm Video Collaboration VC1 Platform
• Qualcomm Video Collaboration VC3 Platform
• Qualcomm Video Collaboration VC5 Platform
• SA6155P
• SA7255P
• SA7775P
• SA8155P
• SA8195P
• SA8255P
• SA8295P
• SA8530P
• SA8540P
• SA8620P
• SA8650P
• SA8770P
• SA8775P
• SA9000P
• SC8380XP
• SD 8 Gen1 5G
• SD865 5G
• SDX61
• SG4150P
• SM4635
• SM6650
• SM7635
• SM7675
• SM7675P
• SM8550P
• SM8635
• SM8635P
• SM8750
• SM8750P
• SRV1H
• SRV1L
• SRV1M
• SSG2115P
• SSG2125P
• SW5100
• SW5100P
• SXR1230P
• SXR2130
• SXR2230P
• SXR2250P
• SXR2330P
• TalynPlus
• Vision Intelligence 400 Platform
• W5+ Gen 1 Wearable Platform
• WCD9335
• WCD9340
• WCD9341
• WCD9370
• WCD9375
• WCD9378
• WCD9380
• WCD9385
• WCD9390
• WCD9395
• WCN3950
• WCN3980
• WCN3988
• WCN3990
• WCN6650
• WCN6740
• WCN6755
• WCN7860
• WCN7861
• WCN7880
• WCN7881
• WSA8810
• WSA8815
• WSA8830
• WSA8832
• WSA8835
• WSA8840
• WSA8845
• WSA8845H
• X35 5G Modem-RF System
• X55 5G Modem-RF System
• X62 5G Modem-RF System
• X65 5G Modem-RF System
• X72 5G Modem-RF System
• X75 5G Modem-RF System
• XR2 5G Platform
• XR2+ Gen 1 Platform

License

• commercial

Website

• Vendor: https://www.qualcomm.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion