Qualcomm: >> Wcn6740 Firmware Security Vulnerabilities
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-09-02
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-02
Memory corruption when Alternative Frequency offset value is set to 255.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-02
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-02
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-09-02
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-08-05
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-05
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-05
Transient DOS while parsing ESP IE from beacon/probe response frame.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-05
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-05