Cyber Resilience

CVE-2024-43063

Medium

Published: 06 January 2025

Published
06 January 2025
Modified
10 January 2025
KEV Added
Patch
CVSS Score v3.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
EPSS Score 0.0010 27.2th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43063 is a medium-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Qam8255P Firmware. Its CVSS base score is 6.1 (Medium).

Operationally, ranked at the 27.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

information disclosure while invoking the mailbox read API.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

qualcomm
qam8255p firmware
all versions
qualcomm
qam8295p firmware
all versions
qualcomm
qam8650p firmware
all versions
qualcomm
qam8775p firmware
all versions
qualcomm
qamsrv1h firmware
all versions
qualcomm
qca6595 firmware
all versions
qualcomm
qca6595au firmware
all versions
qualcomm
qca6696 firmware
all versions
qualcomm
qca6698aq firmware
all versions
qualcomm
sa8255p firmware
all versions
+7 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References