CVE-2024-33044
published 2024-12-02CVE-2024-33044: Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.10%
1.3th percentile
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Affected
214 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cisa9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rj89-pvp9-vqg3: Memory corruption while Configuring the SMR/S2CR register in Bypass mode
ghsa_unreviewed·2024-12-02
CVE-2024-33044 [HIGH] CWE-129 GHSA-rj89-pvp9-vqg3: Memory corruption while Configuring the SMR/S2CR register in Bypass mode
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
Android
CVE-2024-33044: Closed-source component
vendor_android·2024-12-01·CVSS 8.4
CVE-2024-33044 [HIGH] CVE-2024-33044: Closed-source component
Android Security Bulletin 2024-12-01
CVE: CVE-2024-33044
Severity: HIGH
Component: Closed-source component
References: A-344620789 *
CISA
Dahua IP Camera Authentication Bypass Vulnerability
cisa·2024-08-21·CVSS 9.8
CVE-2021-33044 [CRITICAL] CWE-287 Dahua IP Camera Authentication Bypass Vulnerability
Vulnerability: Dahua IP Camera Authentication Bypass Vulnerability
Affected: Dahua IP Camera Firmware
Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582; https://nvd.nist.gov/vuln/detail/CVE-2021-33044
Remediation Due Date: 2024-09-11
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-12-02
Published