Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

No data.

No data.

No data.

References
Link Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html cve-icon cve-icon
History

Tue, 03 Jun 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Jun 2025 06:00:00 +0000

Type Values Removed Values Added
Description Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
Title Buffer Over-read in Data Network Stack & Connectivity
Weaknesses CWE-126
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L'}
cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2025-06-03T05:52:54.550Z

Updated: 2025-06-03T14:49:32.785Z

Reserved: 2024-11-19T01:01:57.501Z

Link: CVE-2024-53020

cve-icon Vulnrichment

Updated: 2025-06-03T14:49:28.052Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-06-03T06:15:25.347

Modified: 2025-06-04T14:54:33.783

Link: CVE-2024-53020

cve-icon Redhat

No data.