CVE-2024-49847

7.5

HIGH

Vulnerability Title: Oracle Transportation Management DOS

Description

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

INFO

Published Date :

May 6, 2025, 9:15 a.m.

Last Modified :

May 9, 2025, 7:10 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9

Affected Products

The following products are affected by CVE-2024-49847 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Qualcomm	qca6574au_firmware
2	Qualcomm	qca6595au_firmware
3	Qualcomm	wcn3980_firmware
4	Qualcomm	wsa8830_firmware
5	Qualcomm	wsa8835_firmware
6	Qualcomm	ar8035_firmware
7	Qualcomm	qca6584au_firmware
8	Qualcomm	qca6678aq_firmware
9	Qualcomm	qca6698aq_firmware
10	Qualcomm	qca8081_firmware
11	Qualcomm	qca8337_firmware
12	Qualcomm	wcd9340_firmware
13	Qualcomm	wcd9370_firmware
14	Qualcomm	wcd9375_firmware
15	Qualcomm	wsa8832_firmware
16	Qualcomm	wcn3660b_firmware
17	Qualcomm	wcn3680b_firmware
18	Qualcomm	wcn3610_firmware
19	Qualcomm	fastconnect_7800_firmware
20	Qualcomm	sdm429w_firmware
21	Qualcomm	wcn3620_firmware
22	Qualcomm	snapdragon_wear_4100\+_firmware
23	Qualcomm	qcc710_firmware
24	Qualcomm	wcd9390_firmware
25	Qualcomm	wcd9395_firmware
26	Qualcomm	wsa8840_firmware
27	Qualcomm	wsa8845_firmware
28	Qualcomm	wsa8845h_firmware
29	Qualcomm	qcn6224_firmware
30	Qualcomm	qcn6274_firmware
31	Qualcomm	qfw7114_firmware
32	Qualcomm	qfw7124_firmware
33	Qualcomm	ar8035
34	Qualcomm	qca6574au
35	Qualcomm	qca6584au
36	Qualcomm	qca6595au
37	Qualcomm	sdm429w
38	Qualcomm	wcd9340
39	Qualcomm	wcd9370
40	Qualcomm	wcd9375
41	Qualcomm	wcn3610
42	Qualcomm	wcn3620
43	Qualcomm	wcn3660b
44	Qualcomm	wcn3680b
45	Qualcomm	wcn3980
46	Qualcomm	wsa8830
47	Qualcomm	wsa8835
48	Qualcomm	qca8337
49	Qualcomm	qca8081
50	Qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware
51	Qualcomm	qca6688aq_firmware
52	Qualcomm	fastconnect_7800
53	Qualcomm	qca6698aq
54	Qualcomm	qcc710
55	Qualcomm	qcn6224
56	Qualcomm	qcn6274
57	Qualcomm	qfw7114
58	Qualcomm	qfw7124
59	Qualcomm	snapdragon_auto_5g_modem-rf_gen_2
60	Qualcomm	wcd9390
61	Qualcomm	wcd9395
62	Qualcomm	wsa8832
63	Qualcomm	wsa8840
64	Qualcomm	wsa8845
65	Qualcomm	wsa8845h
66	Qualcomm	qca6678aq
67	Qualcomm	qca6688aq
68	Qualcomm	snapdragon_wear_4100\+
69	Qualcomm	sm8635_firmware
70	Qualcomm	sm8635
71	Qualcomm	sm8750_firmware
72	Qualcomm	sm8750
73	Qualcomm	wcn6755_firmware
74	Qualcomm	wcn6755
75	Qualcomm	snapdragon_429_mobile_firmware
76	Qualcomm	snapdragon_429_mobile
77	Qualcomm	snapdragon_8_gen_3_mobile_firmware
78	Qualcomm	snapdragon_8_gen_3_mobile
79	Qualcomm	snapdragon_x72_5g_modem-rf_firmware
80	Qualcomm	snapdragon_x72_5g_modem-rf
81	Qualcomm	snapdragon_x75_5g_modem-rf_firmware
82	Qualcomm	snapdragon_x75_5g_modem-rf
83	Qualcomm	sm8750p_firmware
84	Qualcomm	sm8750p
85	Qualcomm	sm7675_firmware
86	Qualcomm	sm7675
87	Qualcomm	sm7675p_firmware
88	Qualcomm	sm7675p
89	Qualcomm	sm8635p_firmware
90	Qualcomm	sm8635p
91	Qualcomm	sdx80m_firmware
92	Qualcomm	sdx80m
93	Qualcomm	sm8650q_firmware
94	Qualcomm	sm8650q

: Total Affected Vendor : 1 | Products : 94

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-49847.

URL	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-49847 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-49847 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Initial Analysis by [email protected]

May. 09, 2025

Action	Type	New Value
Added	CWE	CWE-125
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:ar8035_firmware:-::::::: OR cpe:2.3:h:qualcomm:ar8035:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-::::::: OR cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6574au_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6574au:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6584au_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6584au:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6595au_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6595au:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6678aq_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6678aq:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6688aq_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6688aq:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca6698aq_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca6698aq:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca8081_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca8081:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qca8337_firmware:-::::::: OR cpe:2.3:h:qualcomm:qca8337:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qcc710_firmware:-::::::: OR cpe:2.3:h:qualcomm:qcc710:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qcn6224_firmware:-::::::: OR cpe:2.3:h:qualcomm:qcn6224:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qcn6274_firmware:-::::::: OR cpe:2.3:h:qualcomm:qcn6274:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qfw7114_firmware:-::::::: OR cpe:2.3:h:qualcomm:qfw7114:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:qfw7124_firmware:-::::::: OR cpe:2.3:h:qualcomm:qfw7124:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sdm429w_firmware:-::::::: OR cpe:2.3:h:qualcomm:sdm429w:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sdx80m_firmware:-::::::: OR cpe:2.3:h:qualcomm:sdx80m:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm7675_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm7675:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm7675p_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm7675p:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm8635_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm8635:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm8635p_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm8635p:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm8650q_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm8650q:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm8750_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm8750:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:sm8750p_firmware:-::::::: OR cpe:2.3:h:qualcomm:sm8750p:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_wear_4100+_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_wear_4100+:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_firmware:-::::::: OR cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcd9340_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcd9340:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcd9370_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcd9370:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcd9375_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcd9375:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcd9390_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcd9390:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcd9395_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcd9395:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn3610_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn3610:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn3620_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn3620:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn3660b_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn3660b:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn3680b_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn3680b:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn3980_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn3980:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wcn6755_firmware:-::::::: OR cpe:2.3:h:qualcomm:wcn6755:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8830_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8830:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8832_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8832:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8835_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8835:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8840_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8840:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8845_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8845:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:qualcomm:wsa8845h_firmware:-::::::: OR cpe:2.3:h:qualcomm:wsa8845h:-:::::::*
Added	Reference Type	Qualcomm, Inc.: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html Types: Vendor Advisory

New CVE Received by [email protected]

May. 06, 2025

Action	Type	New Value
Added	Description	Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
Added	CVSS V3.1	AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Added	CWE	CWE-126
Added	Reference	https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-49847 is associated with the following CWEs:

CWE-125: Out-of-bounds Read

CWE-126: Buffer Over-read

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-49847 weaknesses.

CAPEC-540: Overread Buffers Overread Buffers

CVE-2024-49847

Vulnerability Title: Oracle Transportation Management DOS

Description

INFO

May 6, 2025, 9:15 a.m.

May 9, 2025, 7:10 p.m.

[email protected]

Yes !

3.6

3.9

Affected Products

References to Advisories, Solutions, and Tools

Initial Analysis by [email protected]

New CVE Received by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable