Cyber Resilience

CVE-2024-45561

High

Published: 03 February 2025

Published
03 February 2025
Modified
05 February 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0011 29.8th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-45561 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Aqt1000 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 29.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-45561 is a memory corruption vulnerability, associated with CWE-126 (Buffer Over-read) and CWE-416 (Use After Free), that occurs while handling an IOCTL call from user-space to set latency level. It affects Qualcomm components, as documented in their public security resources.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating a local attack vector with low attack complexity and low required privileges. A local attacker could exploit it by sending a specially crafted IOCTL call, potentially achieving high impacts on confidentiality, integrity, and availability, such as arbitrary code execution in the context of the affected component.

Qualcomm's February 2025 security bulletin provides details on affected products and mitigation, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html.

EU & UK References

Vulnerability details

Memory corruption while handling IOCTL call from user-space to set latency level.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local memory corruption in Qualcomm driver via crafted IOCTL enables direct kernel-level arbitrary code execution for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-47359Same product: Qualcomm Aqt1000
CVE-2024-45560Same product: Qualcomm Aqt1000
CVE-2026-21378Same product: Qualcomm Aqt1000
CVE-2026-21371Same product: Qualcomm Aqt1000
CVE-2026-21374Same product: Qualcomm Aqt1000
CVE-2026-21373Same product: Qualcomm Aqt1000
CVE-2026-21376Same product: Qualcomm Aqt1000
CVE-2024-45541Same product: Qualcomm Aqt1000
CVE-2024-45542Same product: Qualcomm Aqt1000
CVE-2025-47390Same product: Qualcomm Fastconnect 6700

Affected Assets

qualcomm
aqt1000 firmware
all versions
qualcomm
fastconnect 6200 firmware
all versions
qualcomm
fastconnect 6700 firmware
all versions
qualcomm
fastconnect 6800 firmware
all versions
qualcomm
fastconnect 6900 firmware
all versions
qualcomm
fastconnect 7800 firmware
all versions
qualcomm
qca6391 firmware
all versions
qualcomm
qca6420 firmware
all versions
qualcomm
qca6430 firmware
all versions
qualcomm
qcc2073 firmware
all versions
+22 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Implements memory protection mechanisms that directly mitigate buffer over-read and use-after-free vulnerabilities during IOCTL handling.

prevent

Requires validation of user-space IOCTL inputs to block specially crafted calls that trigger memory corruption.

prevent

Restricts access to I/O devices and control channels, limiting local attackers' ability to send malicious IOCTLs.

References