ID

VAR-202503-0307


CVE

CVE-2024-38426


TITLE

Authentication vulnerabilities in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278

DESCRIPTION

While processing the authentication message in UE, improper authentication may lead to information disclosure. 315 5g iot firmware, 9205 lte firmware, AR8035 Multiple Qualcomm products, such as firmware, contain vulnerabilities related to authentication.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2024-38426 // JVNDB: JVNDB-2024-020278

AFFECTED PRODUCTS

vendor:qualcommmodel:snapdragon 480\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc711scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6900scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 765g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x62 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 685 4gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 4 gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x72 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8840scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:robotics rb2scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9367scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx80mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x55 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9378scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 732gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 768g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 8 gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6274scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x35 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smart audio 400scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qts110scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9628scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8845scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfw7114scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x75 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon wear 1300scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon auto 4gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x70-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx61scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sg4150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7861scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6224scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7881scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon wear 4100\+scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 7800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:video collaboration vc1 platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6700scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 212scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:9205 ltescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7635scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 680 4gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qep8111scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6755scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:315 5g iotscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8635scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon w5\+ gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx57mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 480 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 765 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x12 ltescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 835 mobile pcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8845hscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9205sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 695 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon auto 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8635pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8650qscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x65 5g-rfscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 8 gen 3scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 870 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9306scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfw7124scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 730gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x5 ltescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9395scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon auto 5g-rf gen 2scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx71mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 8657\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8832scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:video collaboration vc3 platformscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6698aqscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7675pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca4004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:315 5g iotscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6900scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6320scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6620scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6310scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6391scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6200scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca4004scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 7800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6174ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9205sscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9628scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6700scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:9205 ltescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278 // NVD: CVE-2024-38426

CVSS

SEVERITY

CVSSV2

CVSSV3

product-security@qualcomm.com: CVE-2024-38426
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2024-38426
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-38426
value: MEDIUM

Trust: 0.8

product-security@qualcomm.com: CVE-2024-38426
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2024-38426
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2024-38426
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278 // NVD: CVE-2024-38426 // NVD: CVE-2024-38426

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.0

problemtype:Inappropriate authentication (CWE-287) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278 // NVD: CVE-2024-38426

EXTERNAL IDS

db:NVDid:CVE-2024-38426

Trust: 2.6

db:JVNDBid:JVNDB-2024-020278

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278 // NVD: CVE-2024-38426

REFERENCES

url:https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-38426

Trust: 0.8

sources: JVNDB: JVNDB-2024-020278 // NVD: CVE-2024-38426

SOURCES

db:JVNDBid:JVNDB-2024-020278
db:NVDid:CVE-2024-38426

LAST UPDATE DATE

2025-08-11T23:09:18.957000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-020278date:2025-03-12T06:33:00
db:NVDid:CVE-2024-38426date:2025-08-11T15:06:17.607

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-020278date:2025-03-12T00:00:00
db:NVDid:CVE-2024-38426date:2025-03-03T11:15:11.260