1. Home
  2. CVE Database
  3. CVE-2024-23358
HIGH · 7.5

CVE-2024-23358

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.

Vulnerability Description

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
QualcommApq8017 Firmware-
QualcommApq8017-
QualcommApq8037 Firmware-
QualcommApq8037-
QualcommAr8035 Firmware-
QualcommAr8035-
QualcommFastconnect 7800 Firmware-
QualcommFastconnect 7800-
QualcommMsm8108 Firmware-
QualcommMsm8108-
QualcommMsm8209 Firmware-
QualcommMsm8209-
QualcommMsm8608 Firmware-
QualcommMsm8608-
QualcommQca6584Au Firmware-
QualcommQca6584Au-
QualcommQca6698Aq Firmware-
QualcommQca6698Aq-
QualcommQca8081 Firmware-
QualcommQca8081-

Related Weaknesses (CWE)

CWE-126

References

FAQ

What is CVE-2024-23358?

CVE-2024-23358 is a vulnerability with a CVSS score of 7.5 (HIGH). Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.

How severe is CVE-2024-23358?

CVE-2024-23358 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23358?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8017 Firmware, Qualcomm Apq8017, Qualcomm Apq8037 Firmware, Qualcomm Apq8037, Qualcomm Ar8035 Firmware.