CVE-2024-53020 | Buffer Over-read in Data Network Stack & Connectivity

Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

Published: 2025-06-03 Last update: 2025-11-28 Assigner: [email protected] Source: [email protected]
NVD Status:AnalyzedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2024-53020 is rated Moderate Risk (52.4/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.32%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2024-53020

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-03-30 0.05% 0.32% +0.27%
2 2025-12-28 0.05% 0.05% +0.01%
3 2025-11-29 0.05%

Full EPSS history (5 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2024-53020

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
8.2 3.1 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:L)
Might cause slowdowns, glitches, or partial disruption—not a full brick.
 3.9 4.2 [email protected]

Weakness enumeration for CVE-2024-53020

Affected software / configurations for CVE-2024-53020

Vendor Product Version Raw CPE
qualcomm apq8017_firmware cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
qualcomm apq8064au_firmware cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*
qualcomm aqt1000_firmware cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
qualcomm fastconnect_6200_firmware cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*
qualcomm fastconnect_6700_firmware cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
qualcomm qcm6125_firmware cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
qualcomm qcm6490_firmware cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
qualcomm qcm8550_firmware cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9011_firmware cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9012_firmware cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*
qualcomm qcn9274_firmware cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*
qualcomm qcs2290_firmware cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
qualcomm qcs410_firmware cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
qualcomm qcs4290_firmware cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
qualcomm qcs4490_firmware cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*
qualcomm qcs5430_firmware cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*
qualcomm qcs610_firmware cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
qualcomm qcs6125_firmware cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*
qualcomm qcs615_firmware cpe:2.3:o:qualcomm:qcs615_firmware:-:*:*:*:*:*:*:*
qualcomm qcs6490_firmware cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
qualcomm qcs8300_firmware cpe:2.3:o:qualcomm:qcs8300_firmware:-:*:*:*:*:*:*:*
qualcomm qcs8550_firmware cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
qualcomm qcs9100_firmware cpe:2.3:o:qualcomm:qcs9100_firmware:-:*:*:*:*:*:*:*
qualcomm qmp1000_firmware cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:*
qualcomm 205_mobile_platform_firmware cpe:2.3:o:qualcomm:205_mobile_platform_firmware:-:*:*:*:*:*:*:*
qualcomm 215_mobile_platform_firmware cpe:2.3:o:qualcomm:215_mobile_platform_firmware:-:*:*:*:*:*:*:*
qualcomm video_collaboration_vc1_platform_firmware cpe:2.3:o:qualcomm:video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*
qualcomm video_collaboration_vc3_platform_firmware cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*
qualcomm robotics_rb3_platform_firmware cpe:2.3:o:qualcomm:robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*
qualcomm sa4150p_firmware cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*
qualcomm sa4155p_firmware cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*
qualcomm sa6145p_firmware cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
qualcomm sa6150p_firmware cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
qualcomm sa6155_firmware cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
qualcomm sa6155p_firmware cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
qualcomm sa7255p_firmware cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*
qualcomm sa7775p_firmware cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8145p_firmware cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8150p_firmware cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8155_firmware cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*
qualcomm sa8155p_firmware cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8195p_firmware cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8255p_firmware cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8295p_firmware cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*
qualcomm sa8620p_firmware cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*
qualcomm wcd9395_firmware cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3610_firmware cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3615_firmware cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3620_firmware cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3660b_firmware cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3680_firmware cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3680b_firmware cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3910_firmware cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3950_firmware cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3980_firmware cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3988_firmware cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
qualcomm wcn3990_firmware cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
qualcomm wcn6450_firmware cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*
qualcomm wcn6650_firmware cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*
qualcomm wcn6740_firmware cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
qualcomm wcn6755_firmware cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*
qualcomm wcn7750_firmware cpe:2.3:o:qualcomm:wcn7750_firmware:-:*:*:*:*:*:*:*
qualcomm wcn7860_firmware cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*
qualcomm wcn7861_firmware cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*
qualcomm wcn7880_firmware cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*
qualcomm wcn7881_firmware cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8810_firmware cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8815_firmware cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8830_firmware cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8832_firmware cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8835_firmware cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8840_firmware cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8845_firmware cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
qualcomm wsa8845h_firmware cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
qualcomm fastconnect_6800_firmware cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
qualcomm fastconnect_6900_firmware cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
qualcomm fastconnect_7800_firmware cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
qualcomm msm8996au_firmware cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
qualcomm qam8255p_firmware cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*
qualcomm qam8295p_firmware cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

References for CVE-2024-53020

cvelogic Threat Intelligence