Cyber Posture

CVE-2024-53032

High

Published: 03 March 2025

Published
03 March 2025
Modified
07 March 2025
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0009 24.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-53032 is a high-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Qualcomm Qam8255P Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 24.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Requires timely identification, reporting, and patching of the specific memory corruption flaw in the keyboard virtual device as detailed in Qualcomm's security bulletin.

SI-16 Memory Protection good match
prevent

Enforces memory protection mechanisms such as ASLR and DEP to prevent exploitation of memory corruption triggered by guest VM interactions.

SI-10 Information Input Validation partial match
prevent

Validates and sanitizes inputs from guest VMs to the keyboard virtual device, reducing the risk of interactions causing memory corruption.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Local memory corruption in virtual device (guest-triggered) directly enables privilege escalation via exploitation of the flaw.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Memory corruption may occur in keyboard virtual device due to guest VM interaction.

Deeper analysisAI

CVE-2024-53032 is a memory corruption vulnerability (CWE-367) in the keyboard virtual device triggered by guest VM interactions. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on March 3, 2025. The issue affects components in Qualcomm products, as outlined in their security advisories.

A local attacker with low privileges can exploit this vulnerability due to its low attack complexity and lack of required user interaction. Exploitation leads to memory corruption, enabling high-impact consequences including unauthorized data disclosure, modification, and denial of service within the affected scope.

Qualcomm's March 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html details patches and mitigation guidance for addressing this vulnerability.

Details

CWE(s)
CWE-367

Affected Products

qualcomm
qam8255p firmware
all versions
qualcomm
qam8295p firmware
all versions
qualcomm
qam8620p firmware
all versions
qualcomm
qam8650p firmware
all versions
qualcomm
qam8775p firmware
all versions
qualcomm
qamsrv1h firmware
all versions
qualcomm
qamsrv1m firmware
all versions
qualcomm
qca6574au firmware
all versions
qualcomm
qca6595 firmware
all versions
qualcomm
qca6595au firmware
all versions
+16 more product configuration(s) — see NVD for full list

CVEs Like This One

CVE-2024-53028Same product: Qualcomm Qam8255P
CVE-2024-53012Same product: Qualcomm Qam8255P
CVE-2024-53031Same product: Qualcomm Qam8255P
CVE-2024-49837Same product: Qualcomm Qam8255P
CVE-2024-53022Same product: Qualcomm Qam8255P
CVE-2024-53029Same product: Qualcomm Qam8255P
CVE-2025-47363Same product: Qualcomm Qam8255P
CVE-2025-47393Same product: Qualcomm Qam8255P
CVE-2024-53030Same product: Qualcomm Qam8255P
CVE-2025-47407Same vendor: Qualcomm

References