Cyber Resilience

CVE-2024-43059

High

Published: 03 March 2025

Published
03 March 2025
Modified
06 March 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0011 29.8th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43059 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Sa8770P Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 29.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-43059 is a memory corruption vulnerability classified under CWE-416, stemming from improper handling during IOCTL calls invoked from user-space targeting the HGSL memory node. Published on 2025-03-03, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and affects Qualcomm components, as outlined in their security advisories.

A local attacker with low privileges can exploit this vulnerability through low-complexity IOCTL invocations without requiring user interaction. Exploitation results in high impacts to confidentiality, integrity, and availability, enabling potential memory corruption that could lead to code execution or denial of service within the affected scope.

Qualcomm's March 2025 security bulletin details mitigation steps, including patches for vulnerable products. Security practitioners should consult the advisory at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html for specific affected versions and remediation guidance.

EU & UK References

Vulnerability details

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local memory corruption in kernel driver (IOCTL) directly enables privilege escalation via code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-43062Same product: Qualcomm Fastconnect 6900
CVE-2024-43061Same product: Qualcomm Fastconnect 6900
CVE-2024-45580Same product: Qualcomm Fastconnect 6900
CVE-2024-43055Same product: Qualcomm Fastconnect 6900
CVE-2026-21380Same product: Qualcomm Fastconnect 6900
CVE-2024-33055Same product: Qualcomm Fastconnect 6900
CVE-2025-47358Same product: Qualcomm Fastconnect 6900
CVE-2024-53023Same product: Qualcomm Fastconnect 6900
CVE-2024-33059Same product: Qualcomm Fastconnect 6900
CVE-2024-38411Same product: Qualcomm Fastconnect 6900

Affected Assets

qualcomm
sa8770p firmware
all versions
qualcomm
sa8775p firmware
all versions
qualcomm
sa9000p firmware
all versions
qualcomm
sdm429w firmware
all versions
qualcomm
snapdragon 429 firmware
all versions
qualcomm
snapdragon 8 gen 1 firmware
all versions
qualcomm
sxr2230p firmware
all versions
qualcomm
sxr2250p firmware
all versions
qualcomm
wcd9380 firmware
all versions
qualcomm
wcd9385 firmware
all versions
+10 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Implements memory protection mechanisms such as address space randomization and non-executable memory to directly mitigate memory corruption exploits like use-after-free in HGSL IOCTL handlers.

prevent

Enforces validation of user-space inputs to IOCTL calls, preventing improper handling that leads to memory corruption in the HGSL memory node.

prevent

Requires timely identification, reporting, and remediation of flaws like CVE-2024-43059 through patches outlined in Qualcomm's security bulletin.

References