Cyber Resilience

CVE-2024-49839

High

Published: 03 February 2025

Published
03 February 2025
Modified
11 August 2025
KEV Added
Patch
CVSS Score v3.1 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
EPSS Score 0.0014 34.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-49839 is a high-severity Buffer Over-read (CWE-126) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-49839 is a memory corruption vulnerability stemming from a mismatch in the T2LM information element during management frame processing. It affects components in Qualcomm products, as detailed in their security bulletin. The issue is associated with CWE-126 (Buffer Over-read) and CWE-125 (Out-of-bounds Read), earning a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L), indicating high severity due to its network accessibility and potential for significant confidentiality impact.

A remote, unauthenticated attacker can exploit this vulnerability by sending crafted management frames over the network with low complexity and no user interaction required. Successful exploitation could result in high-impact confidentiality violations, such as disclosure of sensitive information through memory corruption, alongside a low-impact availability disruption, potentially enabling denial-of-service conditions.

Qualcomm's February 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html provides details on affected products and recommended mitigations or patches.

EU & UK References

Vulnerability details

Memory corruption during management frame processing due to mismatch in T2LM info element.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote unauthenticated network exploitation of management frame processing in Qualcomm wireless components directly maps to public-facing application exploitation; buffer over-read enables info disclosure/DoS impact.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-49838Same product: Qualcomm Ar8035
CVE-2024-45558Same product: Qualcomm Ar8035
CVE-2025-21427Same product: Qualcomm Fastconnect 6700
CVE-2024-45569Same product: Qualcomm Ar8035
CVE-2024-45571Same product: Qualcomm Ar8035
CVE-2024-38404Same product: Qualcomm Ar8035
CVE-2026-21367Same product: Qualcomm Ar8035
CVE-2024-45546Same product: Qualcomm Fastconnect 6900
CVE-2024-45548Same product: Qualcomm Fastconnect 6900
CVE-2025-21450Same product: Qualcomm Ar8035

Affected Assets

qualcomm
ar8035 firmware
all versions
qualcomm
csr8811 firmware
all versions
qualcomm
fastconnect 6700 firmware
all versions
qualcomm
fastconnect 6900 firmware
all versions
qualcomm
fastconnect 7800 firmware
all versions
qualcomm
immersive home 214 firmware
all versions
qualcomm
immersive home 216 firmware
all versions
qualcomm
immersive home 316 firmware
all versions
qualcomm
immersive home 318 firmware
all versions
qualcomm
immersive home 3210 firmware
all versions
+176 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the memory corruption vulnerability by requiring timely application of Qualcomm patches specified in their February 2025 security bulletin.

prevent

Requires validation of incoming management frames and T2LM information elements to prevent processing of malformed data leading to buffer over-reads.

prevent

Implements memory protection mechanisms like address space layout randomization and stack canaries to mitigate exploitation of the out-of-bounds read memory corruption.

References