qcs9100 firmware · threatengine.sh

Home/Product/qualcomm qcs9100 firmware

Product

qualcomm qcs9100 firmware

75 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.

Memory corruption while processing identity credential operations in the trusted application.

Memory corruption while processing a secure logging command in the trusted application.

Cryptographic issue may occur while encrypting license data.

Memory corruption while handling sensor utility operations.

Memory corruption while deinitializing a HDCP session.

Memory corruption while accessing a synchronization object during concurrent operations.

Memory corruption while parsing clock configuration data for a specific hardware type.

Memory corruption while processing shared command buffer packet between camera userspace and kernel.

Information disclosure while processing a firmware event.

Transient DOS while parsing video packets received from the video firmware.

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions.

Memory corruption while performing encryption and decryption commands.

Memory corruption while processing a malformed license file during reboot.

Memory corruption during PlayReady APP usecase while processing TA commands.

Information disclosure while running video usecase having rogue firmware.

memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than th

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.

Memory corruption while performing private key encryption in trusted application.

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.

Transient DOS while processing an ANQP message.

Information disclosure while processing the hash segment in an MBN file.

Information disclosure while reading data from an image using specified offset and size parameters.

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmwar

Transient DOS while handling beacon frames with invalid IE header length.

Memory corruption while processing data packets in diag received from Unix clients.

Memory corruption while processing manipulated payload in video firmware.

Memory corruption while processing video packets received from video firmware.

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Memory corruption while retrieving the CBOR data from TA.

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

Memory corruption while operating the mailbox in Automotive.

Transient DOS while processing the EHT operation IE in the received beacon frame.

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.

Information disclosure may occur while processing goodbye RTCP packet from network.

Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

Memory corruption may occur while attaching VM when the HLOS retains access to VM.

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null

Transient DOS while parsing per STA profile in ML IE.

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures oc

Memory corruption during the FRS UDS generation process.

Memory corruption while triggering commands in the PlayReady Trusted application.

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Memory corruption while reading secure file.

Transient DOS may occur while parsing SSID in action frames.

Transient DOS may occur while parsing EHT operation IE or EHT capability IE.

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification fai

Information disclosure while creating MQ channels.

Cryptographic issues while generating an asymmetric key pair for RKP use cases.

There may be information disclosure during memory re-allocation in TZ Secure OS.

Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.

Memory corruption while processing input message passed from FE driver.

Transient DOS may occur while processing the country IE.

Memory corruption in display driver while detaching a device.

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

Information disclosure while deriving keys for a session for any Widevine use case.

Memory corruption during management frame processing due to mismatch in T2LM info element.

Information disclosure while parsing the OCI IE with invalid length.

Memory corruption while power-up or power-down sequence of the camera sensor.

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

Memory corruption while parsing the ML IE due to invalid frame content.

Memory corruption while configuring a Hypervisor based input virtual device.

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Memory corruption while handling session errors from firmware.

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

Transient DOS while processing the CU information from RNR IE.

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin