CVE-2024-43047

Confirmed PUBLISHED

Use After Free in DSP Service

Qualcomm, Inc. · Snapdragon
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.8 High

At a Glance

Memory corruption while maintaining memory maps of HLOS memory.

cisa
CVE Published
Oct 07, 2024
Exploitation Reported
Oct 08, 2024
CVSS
7.8 High
EPSS
Low complexity No user interaction

Affected Versions

128 version rows · page 1 of 6

Vendor Product Version Status
qualcomm
fastconnect_6700_firmware

0 to <= *

Affected
qualcomm
fastconnect_6800_firmware

0 to <= *

Affected
qualcomm
fastconnect_6900_firmware

0 to <= *

Affected
qualcomm
fastconnect_7800_firmware

0 to <= *

Affected
qualcomm
qam8295p_firmware

0 to <= *

Affected
qualcomm
qca6174a_firmware

0 to <= *

Affected
qualcomm
qca6391_firmware

0 to <= *

Affected
qualcomm
qca6426_firmware

0 to <= *

Affected
qualcomm
qca6436_firmware

0 to <= *

Affected
qualcomm
qca6574au_firmware

0 to <= *

Affected
qualcomm
qca6584au_firmware

0 to <= *

Affected
qualcomm
qca6595_firmware

0 to <= *

Affected
qualcomm
qca6595au_firmware

0 to <= *

Affected
qualcomm
qca6688aq_firmware

0 to <= *

Affected
qualcomm
qca6696_firmware

0 to <= *

Affected
qualcomm
qca6698aq_firmware

0 to <= *

Affected
qualcomm
qcs410_firmware

0 to <= *

Affected
qualcomm
qcs610_firmware

0 to <= *

Affected
qualcomm
qcs6490_firmware

0 to <= *

Affected
qualcomm
qualcomm_video_collaboration_vc1_platform_firmware

0 to <= *

Affected
qualcomm
qualcomm_video_collaboration_vc3_platform_firmware

0 to <= *

Affected
qualcomm
sa4150p_firmware

0 to <= *

Affected
qualcomm
sa4155p_firmware

0 to <= *

Affected
qualcomm
sa6145p_firmware

0 to <= *

Affected
qualcomm
sa6150p_firmware

0 to <= *

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.