CVE-2024-53024
Published: 03 March 2025
Summary
CVE-2024-53024 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Qualcomm Qcs6490 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 35.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly addresses the memory corruption vulnerability by requiring timely remediation through application of Qualcomm's patches for the NULL pointer dereference in the display driver.
Implements memory safeguards such as non-executable memory and address randomization to prevent arbitrary code execution from the display driver memory corruption.
Ensures secure error handling for NULL pointer dereferences during device detachment to avoid exploitable crashes or information disclosure.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local NULL pointer dereference in kernel display driver enables low-priv arbitrary code execution or DoS, directly mapping to exploitation for privilege escalation.
NVD Description
Memory corruption in display driver while detaching a device.
Deeper analysis
CVE-2024-53024 is a memory corruption vulnerability, classified under CWE-476 (NULL Pointer Dereference), occurring in the display driver during device detachment. It affects Qualcomm components, as detailed in their security bulletin. The vulnerability received a CVSS v3.1 base score of 7.8 (High), reflecting its potential severity with local access.
A local attacker with low privileges (PR:L) can exploit this vulnerability with low complexity (AC:L) and no user interaction required (UI:N). Successful exploitation enables high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), potentially allowing arbitrary code execution, data corruption, or system crashes within the unchanged scope (S:U).
Qualcomm's March 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html provides details on affected products and recommended patches or mitigations for remediation.
Details
- CWE(s)