CVE-2024-21453

moderate-risk

Published 2024-04-01

Transient DOS while decoding message of size that exceeds the available system memory.

Do I need to act?

0.12% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

C-V2X 9150 Firmware

Qcs410 Firmware

Qcs610 Firmware

Video Collaboration Vc1 Platform Firmware

Video Collaboration Vc3 Platform Firmware

Snapdragon Auto 5G Modem-Rf Firmware

Snapdragon Auto 4G Modem Firmware

Wcd9341 Firmware

Wcd9370 Firmware

Wcn3950 Firmware

Wcn3980 Firmware

Wsa8810 Firmware

Wsa8815 Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bu...

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 17/34 · Moderate