CVE-2024-45556 - Vulnerability Details

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description		Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.
Title		Improper Access Control for Register Interface in TZ Firmware
Weaknesses		CWE-1262
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45556", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "state": "PUBLISHED", "assignerShortName": "qualcomm", "dateReserved": "2024-09-02T10:26:15.223Z", "datePublished": "2025-04-07T10:15:47.649Z", "dateUpdated": "2025-04-07T15:51:55.660Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Snapdragon CCW", "Snapdragon Compute", "Snapdragon Wearables", "Snapdragon Wired Infrastructure and Networking"], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "FastConnect 6900"}, {"status": "affected", "version": "FastConnect 7800"}, {"status": "affected", "version": "Immersive Home 3210 Platform"}, {"status": "affected", "version": "Immersive Home 326 Platform"}, {"status": "affected", "version": "IPQ5300"}, {"status": "affected", "version": "IPQ5302"}, {"status": "affected", "version": "IPQ5312"}, {"status": "affected", "version": "IPQ5332"}, {"status": "affected", "version": "IPQ9008"}, {"status": "affected", "version": "IPQ9048"}, {"status": "affected", "version": "IPQ9554"}, {"status": "affected", "version": "IPQ9570"}, {"status": "affected", "version": "IPQ9574"}, {"status": "affected", "version": "QCA0000"}, {"status": "affected", "version": "QCA8075"}, {"status": "affected", "version": "QCA8081"}, {"status": "affected", "version": "QCA8082"}, {"status": "affected", "version": "QCA8084"}, {"status": "affected", "version": "QCA8085"}, {"status": "affected", "version": "QCA8386"}, {"status": "affected", "version": "QCF8000"}, {"status": "affected", "version": "QCF8000SFP"}, {"status": "affected", "version": "QCF8001"}, {"status": "affected", "version": "QCN5124"}, {"status": "affected", "version": "QCN6224"}, {"status": "affected", "version": "QCN6402"}, {"status": "affected", "version": "QCN6412"}, {"status": "affected", "version": "QCN6422"}, {"status": "affected", "version": "QCN6432"}, {"status": "affected", "version": "QCN9000"}, {"status": "affected", "version": "QCN9012"}, {"status": "affected", "version": "QCN9013"}, {"status": "affected", "version": "QCN9024"}, {"status": "affected", "version": "QCN9074"}, {"status": "affected", "version": "QCN9160"}, {"status": "affected", "version": "QCN9274"}, {"status": "affected", "version": "QXM8083"}, {"status": "affected", "version": "SD 8 Gen1 5G"}, {"status": "affected", "version": "SDM429W"}, {"status": "affected", "version": "SDX65M"}, {"status": "affected", "version": "Snapdragon 429 Mobile Platform"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\""}, {"status": "affected", "version": "Snapdragon AR2 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon Wear 4100+ Platform"}, {"status": "affected", "version": "Snapdragon X65 5G Modem-RF System"}, {"status": "affected", "version": "SSG2115P"}, {"status": "affected", "version": "SSG2125P"}, {"status": "affected", "version": "SXR1230P"}, {"status": "affected", "version": "SXR2230P"}, {"status": "affected", "version": "SXR2250P"}, {"status": "affected", "version": "WCD9380"}, {"status": "affected", "version": "WCD9385"}, {"status": "affected", "version": "WCN3620"}, {"status": "affected", "version": "WCN3660B"}, {"status": "affected", "version": "WCN3680B"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8832"}, {"status": "affected", "version": "WSA8835"}]}], "descriptions": [{"lang": "en", "value": "Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1262", "description": "CWE-1262: Improper Access Control for Register Interface", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2025-04-07T10:15:47.649Z"}, "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"}], "title": "Improper Access Control for Register Interface in TZ Firmware"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-07T15:51:44.636784Z", "id": "CVE-2024-45556", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-07T15:51:55.660Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-45556 (string)

assignerOrgId : 2cfc7d3e-20d3-47ac-8db7-1b7285aff15f (string)

state : PUBLISHED (string)

assignerShortName : qualcomm (string)

dateReserved : 2024-09-02T10:26:15.223Z (string)

datePublished : 2025-04-07T10:15:47.649Z (string)

dateUpdated : 2025-04-07T15:51:55.660Z (string)

}

containers : { »

cna : { »

affected : [ »

0 : { »

defaultStatus : unaffected (string)

platforms : [ »

0 : Snapdragon CCW (string)

1 : Snapdragon Compute (string)

2 : Snapdragon Wearables (string)

3 : Snapdragon Wired Infrastructure and Networking (string)

]

product : Snapdragon (string)

vendor : Qualcomm, Inc. (string)

versions : [ »

0 : { »

status : affected (string)

version : FastConnect 6900 (string)

}

1 : { »

status : affected (string)

version : FastConnect 7800 (string)

}

2 : { »

status : affected (string)

version : Immersive Home 3210 Platform (string)

}

3 : { »

status : affected (string)

version : Immersive Home 326 Platform (string)

}

4 : { »

status : affected (string)

version : IPQ5300 (string)

}

5 : { »

status : affected (string)

version : IPQ5302 (string)

}

6 : { »

status : affected (string)

version : IPQ5312 (string)

}

7 : { »

status : affected (string)

version : IPQ5332 (string)

}

8 : { »

status : affected (string)

version : IPQ9008 (string)

}

9 : { »

status : affected (string)

version : IPQ9048 (string)

}

10 : { »

status : affected (string)

version : IPQ9554 (string)

}

11 : { »

status : affected (string)

version : IPQ9570 (string)

}

12 : { »

status : affected (string)

version : IPQ9574 (string)

}

13 : { »

status : affected (string)

version : QCA0000 (string)

}

14 : { »

status : affected (string)

version : QCA8075 (string)

}

15 : { »

status : affected (string)

version : QCA8081 (string)

}

16 : { »

status : affected (string)

version : QCA8082 (string)

}

17 : { »

status : affected (string)

version : QCA8084 (string)

}

18 : { »

status : affected (string)

version : QCA8085 (string)

}

19 : { »

status : affected (string)

version : QCA8386 (string)

}

20 : { »

status : affected (string)

version : QCF8000 (string)

}

21 : { »

status : affected (string)

version : QCF8000SFP (string)

}

22 : { »

status : affected (string)

version : QCF8001 (string)

}

23 : { »

status : affected (string)

version : QCN5124 (string)

}

24 : { »

status : affected (string)

version : QCN6224 (string)

}

25 : { »

status : affected (string)

version : QCN6402 (string)

}

26 : { »

status : affected (string)

version : QCN6412 (string)

}

27 : { »

status : affected (string)

version : QCN6422 (string)

}

28 : { »

status : affected (string)

version : QCN6432 (string)

}

29 : { »

status : affected (string)

version : QCN9000 (string)

}

30 : { »

status : affected (string)

version : QCN9012 (string)

}

31 : { »

status : affected (string)

version : QCN9013 (string)

}

32 : { »

status : affected (string)

version : QCN9024 (string)

}

33 : { »

status : affected (string)

version : QCN9074 (string)

}

34 : { »

status : affected (string)

version : QCN9160 (string)

}

35 : { »

status : affected (string)

version : QCN9274 (string)

}

36 : { »

status : affected (string)

version : QXM8083 (string)

}

37 : { »

status : affected (string)

version : SD 8 Gen1 5G (string)

}

38 : { »

status : affected (string)

version : SDM429W (string)

}

39 : { »

status : affected (string)

version : SDX65M (string)

}

40 : { »

status : affected (string)

version : Snapdragon 429 Mobile Platform (string)

}

41 : { »

status : affected (string)

version : Snapdragon AR1 Gen 1 Platform (string)

}

42 : { »

status : affected (string)

version : Snapdragon AR1 Gen 1 Platform "Luna1" (string)

}

43 : { »

status : affected (string)

version : Snapdragon AR2 Gen 1 Platform (string)

}

44 : { »

status : affected (string)

version : Snapdragon Wear 4100+ Platform (string)

}

45 : { »

status : affected (string)

version : Snapdragon X65 5G Modem-RF System (string)

}

46 : { »

status : affected (string)

version : SSG2115P (string)

}

47 : { »

status : affected (string)

version : SSG2125P (string)

}

48 : { »

status : affected (string)

version : SXR1230P (string)

}

49 : { »

status : affected (string)

version : SXR2230P (string)

}

50 : { »

status : affected (string)

version : SXR2250P (string)

}

51 : { »

status : affected (string)

version : WCD9380 (string)

}

52 : { »

status : affected (string)

version : WCD9385 (string)

}

53 : { »

status : affected (string)

version : WCN3620 (string)

}

54 : { »

status : affected (string)

version : WCN3660B (string)

}

55 : { »

status : affected (string)

version : WCN3680B (string)

}

56 : { »

status : affected (string)

version : WCN3980 (string)

}

57 : { »

status : affected (string)

version : WSA8830 (string)

}

58 : { »

status : affected (string)

version : WSA8832 (string)

}

59 : { »

status : affected (string)

version : WSA8835 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (string)

version : 3.1 (string)

}

format : CVSS (string)

scenarios : [ »

0 : { »

lang : en (string)

value : GENERAL (string)

}

]

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-1262 (string)

description : CWE-1262: Improper Access Control for Register Interface (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

orgId : 2cfc7d3e-20d3-47ac-8db7-1b7285aff15f (string)

shortName : qualcomm (string)

dateUpdated : 2025-04-07T10:15:47.649Z (string)

}

references : [ »

0 : { »

url : https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html (string)

}

]

title : Improper Access Control for Register Interface in TZ Firmware (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2025-04-07T15:51:44.636784Z (string)

id : CVE-2024-45556 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-04-07T15:51:55.660Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45556", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-07T15:51:44.636784Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-07T15:51:51.378Z"}}], "cna": {"title": "Improper Access Control for Register Interface in TZ Firmware", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Qualcomm, Inc.", "product": "Snapdragon", "versions": [{"status": "affected", "version": "FastConnect 6900"}, {"status": "affected", "version": "FastConnect 7800"}, {"status": "affected", "version": "Immersive Home 3210 Platform"}, {"status": "affected", "version": "Immersive Home 326 Platform"}, {"status": "affected", "version": "IPQ5300"}, {"status": "affected", "version": "IPQ5302"}, {"status": "affected", "version": "IPQ5312"}, {"status": "affected", "version": "IPQ5332"}, {"status": "affected", "version": "IPQ9008"}, {"status": "affected", "version": "IPQ9048"}, {"status": "affected", "version": "IPQ9554"}, {"status": "affected", "version": "IPQ9570"}, {"status": "affected", "version": "IPQ9574"}, {"status": "affected", "version": "QCA0000"}, {"status": "affected", "version": "QCA8075"}, {"status": "affected", "version": "QCA8081"}, {"status": "affected", "version": "QCA8082"}, {"status": "affected", "version": "QCA8084"}, {"status": "affected", "version": "QCA8085"}, {"status": "affected", "version": "QCA8386"}, {"status": "affected", "version": "QCF8000"}, {"status": "affected", "version": "QCF8000SFP"}, {"status": "affected", "version": "QCF8001"}, {"status": "affected", "version": "QCN5124"}, {"status": "affected", "version": "QCN6224"}, {"status": "affected", "version": "QCN6402"}, {"status": "affected", "version": "QCN6412"}, {"status": "affected", "version": "QCN6422"}, {"status": "affected", "version": "QCN6432"}, {"status": "affected", "version": "QCN9000"}, {"status": "affected", "version": "QCN9012"}, {"status": "affected", "version": "QCN9013"}, {"status": "affected", "version": "QCN9024"}, {"status": "affected", "version": "QCN9074"}, {"status": "affected", "version": "QCN9160"}, {"status": "affected", "version": "QCN9274"}, {"status": "affected", "version": "QXM8083"}, {"status": "affected", "version": "SD 8 Gen1 5G"}, {"status": "affected", "version": "SDM429W"}, {"status": "affected", "version": "SDX65M"}, {"status": "affected", "version": "Snapdragon 429 Mobile Platform"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\""}, {"status": "affected", "version": "Snapdragon AR2 Gen 1 Platform"}, {"status": "affected", "version": "Snapdragon Wear 4100+ Platform"}, {"status": "affected", "version": "Snapdragon X65 5G Modem-RF System"}, {"status": "affected", "version": "SSG2115P"}, {"status": "affected", "version": "SSG2125P"}, {"status": "affected", "version": "SXR1230P"}, {"status": "affected", "version": "SXR2230P"}, {"status": "affected", "version": "SXR2250P"}, {"status": "affected", "version": "WCD9380"}, {"status": "affected", "version": "WCD9385"}, {"status": "affected", "version": "WCN3620"}, {"status": "affected", "version": "WCN3660B"}, {"status": "affected", "version": "WCN3680B"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8832"}, {"status": "affected", "version": "WSA8835"}], "platforms": ["Snapdragon CCW", "Snapdragon Compute", "Snapdragon Wearables", "Snapdragon Wired Infrastructure and Networking"], "defaultStatus": "unaffected"}], "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"}], "descriptions": [{"lang": "en", "value": "Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1262", "description": "CWE-1262: Improper Access Control for Register Interface"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2025-04-07T10:15:47.649Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45556", "state": "PUBLISHED", "dateUpdated": "2025-04-07T15:51:55.660Z", "dateReserved": "2024-09-02T10:26:15.223Z", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "datePublished": "2025-04-07T10:15:47.649Z", "assignerShortName": "qualcomm"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-45556 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2025-04-07T15:51:44.636784Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-04-07T15:51:51.378Z (string)

}

]

cna : { »

title : Improper Access Control for Register Interface in TZ Firmware (string)

metrics : [ »

0 : { »

format : CVSS (string)

cvssV3_1 : { »

scope : CHANGED (string)

version : 3.1 (string)

baseScore : 6.5 (number)

attackVector : LOCAL (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (string)

integrityImpact : NONE (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : NONE (string)

privilegesRequired : LOW (string)

confidentialityImpact : HIGH (string)

}

scenarios : [ »

0 : { »

lang : en (string)

value : GENERAL (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Qualcomm, Inc. (string)

product : Snapdragon (string)

versions : [ »

0 : { »

status : affected (string)

version : FastConnect 6900 (string)

}

1 : { »

status : affected (string)

version : FastConnect 7800 (string)

}

2 : { »

status : affected (string)

version : Immersive Home 3210 Platform (string)

}

3 : { »

status : affected (string)

version : Immersive Home 326 Platform (string)

}

4 : { »

status : affected (string)

version : IPQ5300 (string)

}

5 : { »

status : affected (string)

version : IPQ5302 (string)

}

6 : { »

status : affected (string)

version : IPQ5312 (string)

}

7 : { »

status : affected (string)

version : IPQ5332 (string)

}

8 : { »

status : affected (string)

version : IPQ9008 (string)

}

9 : { »

status : affected (string)

version : IPQ9048 (string)

}

10 : { »

status : affected (string)

version : IPQ9554 (string)

}

11 : { »

status : affected (string)

version : IPQ9570 (string)

}

12 : { »

status : affected (string)

version : IPQ9574 (string)

}

13 : { »

status : affected (string)

version : QCA0000 (string)

}

14 : { »

status : affected (string)

version : QCA8075 (string)

}

15 : { »

status : affected (string)

version : QCA8081 (string)

}

16 : { »

status : affected (string)

version : QCA8082 (string)

}

17 : { »

status : affected (string)

version : QCA8084 (string)

}

18 : { »

status : affected (string)

version : QCA8085 (string)

}

19 : { »

status : affected (string)

version : QCA8386 (string)

}

20 : { »

status : affected (string)

version : QCF8000 (string)

}

21 : { »

status : affected (string)

version : QCF8000SFP (string)

}

22 : { »

status : affected (string)

version : QCF8001 (string)

}

23 : { »

status : affected (string)

version : QCN5124 (string)

}

24 : { »

status : affected (string)

version : QCN6224 (string)

}

25 : { »

status : affected (string)

version : QCN6402 (string)

}

26 : { »

status : affected (string)

version : QCN6412 (string)

}

27 : { »

status : affected (string)

version : QCN6422 (string)

}

28 : { »

status : affected (string)

version : QCN6432 (string)

}

29 : { »

status : affected (string)

version : QCN9000 (string)

}

30 : { »

status : affected (string)

version : QCN9012 (string)

}

31 : { »

status : affected (string)

version : QCN9013 (string)

}

32 : { »

status : affected (string)

version : QCN9024 (string)

}

33 : { »

status : affected (string)

version : QCN9074 (string)

}

34 : { »

status : affected (string)

version : QCN9160 (string)

}

35 : { »

status : affected (string)

version : QCN9274 (string)

}

36 : { »

status : affected (string)

version : QXM8083 (string)

}

37 : { »

status : affected (string)

version : SD 8 Gen1 5G (string)

}

38 : { »

status : affected (string)

version : SDM429W (string)

}

39 : { »

status : affected (string)

version : SDX65M (string)

}

40 : { »

status : affected (string)

version : Snapdragon 429 Mobile Platform (string)

}

41 : { »

status : affected (string)

version : Snapdragon AR1 Gen 1 Platform (string)

}

42 : { »

status : affected (string)

version : Snapdragon AR1 Gen 1 Platform "Luna1" (string)

}

43 : { »

status : affected (string)

version : Snapdragon AR2 Gen 1 Platform (string)

}

44 : { »

status : affected (string)

version : Snapdragon Wear 4100+ Platform (string)

}

45 : { »

status : affected (string)

version : Snapdragon X65 5G Modem-RF System (string)

}

46 : { »

status : affected (string)

version : SSG2115P (string)

}

47 : { »

status : affected (string)

version : SSG2125P (string)

}

48 : { »

status : affected (string)

version : SXR1230P (string)

}

49 : { »

status : affected (string)

version : SXR2230P (string)

}

50 : { »

status : affected (string)

version : SXR2250P (string)

}

51 : { »

status : affected (string)

version : WCD9380 (string)

}

52 : { »

status : affected (string)

version : WCD9385 (string)

}

53 : { »

status : affected (string)

version : WCN3620 (string)

}

54 : { »

status : affected (string)

version : WCN3660B (string)

}

55 : { »

status : affected (string)

version : WCN3680B (string)

}

56 : { »

status : affected (string)

version : WCN3980 (string)

}

57 : { »

status : affected (string)

version : WSA8830 (string)

}

58 : { »

status : affected (string)

version : WSA8832 (string)

}

59 : { »

status : affected (string)

version : WSA8835 (string)

}

]

platforms : [ »

0 : Snapdragon CCW (string)

1 : Snapdragon Compute (string)

2 : Snapdragon Wearables (string)

3 : Snapdragon Wired Infrastructure and Networking (string)

]

defaultStatus : unaffected (string)

}

]

references : [ »

0 : { »

url : https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-1262 (string)

description : CWE-1262: Improper Access Control for Register Interface (string)

}

]

}

]

providerMetadata : { »

orgId : 2cfc7d3e-20d3-47ac-8db7-1b7285aff15f (string)

shortName : qualcomm (string)

dateUpdated : 2025-04-07T10:15:47.649Z (string)

}

cveMetadata : { »

cveId : CVE-2024-45556 (string)

state : PUBLISHED (string)

dateUpdated : 2025-04-07T15:51:55.660Z (string)

dateReserved : 2024-09-02T10:26:15.223Z (string)

assignerOrgId : 2cfc7d3e-20d3-47ac-8db7-1b7285aff15f (string)

datePublished : 2025-04-07T10:15:47.649Z (string)

assignerShortName : qualcomm (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR."}], "id": "CVE-2024-45556", "lastModified": "2025-04-07T14:17:50.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "product-security@qualcomm.com", "type": "Primary"}]}, "published": "2025-04-07T11:15:49.850", "references": [{"source": "product-security@qualcomm.com", "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1262"}], "source": "product-security@qualcomm.com", "type": "Primary"}]}

{

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. (string)

}

]

id : CVE-2024-45556 (string)

lastModified : 2025-04-07T14:17:50.220 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2 (number)

impactScore : 4 (number)

source : product-security@qualcomm.com (string)

type : Primary (string)

}

]

}

published : 2025-04-07T11:15:49.850 (string)

references : [ »

0 : { »

source : product-security@qualcomm.com (string)

url : https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html (string)

}

]

sourceIdentifier : product-security@qualcomm.com (string)

vulnStatus : Awaiting Analysis (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-1262 (string)

}

]

source : product-security@qualcomm.com (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object