Search

Find a vulnerability

Search criteria

    13 vulnerabilities found for qualcomm by qualcomm

    VAR-201907-0880

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and other products are products of Qualcomm. The MDM9607 is a central processing unit (CPU) product. The MDM9650 is a central processing unit (CPU) product. The SDX20 is a modem. An attacker could exploit this vulnerability to cause memory out of bounds access

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201907-0880",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          }
        ]
      },
      "cve": "CVE-2019-2279",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2279",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-27321",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-153714",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2279",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2279",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2279",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-27321",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201907-1166",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153714",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and other products are products of Qualcomm. The MDM9607 is a central processing unit (CPU) product. The MDM9650 is a central processing unit (CPU) product. The SDX20 is a modem. An attacker could exploit this vulnerability to cause memory out of bounds access",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2279",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "id": "VAR-201907-0880",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:44.854000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "June 2019 Code Aurora Security Bulletin",
            "trust": 0.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
          },
          {
            "title": "Patches for multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2019-27321)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/175013"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95352"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2279"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2279"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "date": "2019-07-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "date": "2019-07-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "date": "2019-07-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "date": "2019-07-22T14:15:12.207000",
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-27321"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153714"
          },
          {
            "date": "2019-07-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          },
          {
            "date": "2024-11-21T04:40:36.487000",
            "db": "NVD",
            "id": "CVE-2019-2279"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006653"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-1166"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201905-0616

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9640 is a central processing unit (CPU) product. A resource management error vulnerability exists in several Qualcomm products. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; MSM8909W; MSM8996AU; QCS605; /16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 712; SD 710; SD 670; SD 820A; SD 835; SD 845; SD 850; SD 855; SDM660; SDX20; SDX24

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0616",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd 210/sd 212/sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd 615/16/sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          }
        ]
      },
      "cve": "CVE-2019-2247",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2247",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-16543",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-153682",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2247",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2247",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2247",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-16543",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-998",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153682",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9640 is a central processing unit (CPU) product. A resource management error vulnerability exists in several Qualcomm products. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; MSM8909W; MSM8996AU; QCS605; /16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 712; SD 710; SD 670; SD 820A; SD 835; SD 845; SD 850; SD 855; SDM660; SDX20; SDX24",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2247",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "id": "VAR-201905-0616",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          }
        ],
        "trust": 1.6782197
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:40.552000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2019 Code Aurora Security Bulletin",
            "trust": 0.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "title": "Patches for several Qualcomm Product Resource Management Error Vulnerabilities (CNVD-2019-16543)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/163065"
          },
          {
            "title": "Multiple Qualcomm Product resource management error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92954"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-415",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2247"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2247"
          },
          {
            "trust": 0.6,
            "url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-2247"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "date": "2019-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "date": "2019-05-24T17:29:02.740000",
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-16543"
          },
          {
            "date": "2019-05-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153682"
          },
          {
            "date": "2019-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          },
          {
            "date": "2019-05-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          },
          {
            "date": "2024-11-21T04:40:31.813000",
            "db": "NVD",
            "id": "CVE-2019-2247"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Double release vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004904"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-998"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201905-0617

    Vulnerability from variot - Updated: 2024-11-23 22:55

    Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9650 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in several Qualcomm products that could allow an attacker to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9650; MSM8909W; MSM8996AU; Qualcomm 215; SD 210; SD 212; SD 205; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 820; SD 820A; SD 845; SD 850; SDM439;

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0617",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          }
        ]
      },
      "cve": "CVE-2019-2248",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2248",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-15892",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-153683",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2248",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2248",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2248",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-15892",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-1002",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153683",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9650 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in several Qualcomm products that could allow an attacker to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9650; MSM8909W; MSM8996AU; Qualcomm 215; SD 210; SD 212; SD 205; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 820; SD 820A; SD 845; SD 850; SDM439;",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2248",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "id": "VAR-201905-0617",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:55:33.253000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2019 Code Aurora Security Bulletin",
            "trust": 0.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "title": "Patches for multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2019-15892)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/162411"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92958"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2248"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2248"
          },
          {
            "trust": 0.6,
            "url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-2248"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-os-multiple-vulnerabilities-30243"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "date": "2019-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "date": "2019-05-24T17:29:02.787000",
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-15892"
          },
          {
            "date": "2019-05-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153683"
          },
          {
            "date": "2019-06-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          },
          {
            "date": "2019-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          },
          {
            "date": "2024-11-21T04:40:31.973000",
            "db": "NVD",
            "id": "CVE-2019-2248"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-004905"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-1002"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201909-1453

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm WLAN chip is a dedicated chip for Qualcomm platform to handle WLAN/WIFI protocol. It belongs to Qualcomm Baseband subsystem, which is used to improve WLAN/WIFI processing speed and performance and reduce energy consumption. A remote code execution vulnerability exists in the Qualcomm WLAN chip. An attacker can control the WLAN firmware and eventually cause arbitrary code to be executed on the server. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Qualcomm MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605; Qualcomm 215, SD 2120/SD 2120/SD , SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX; Qualcomm SDA660, SDM439, SDM630, SDM660; Qualcomm SDX20, SDX24, SXR1130

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201909-1453",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qca6584",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "qca9379",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "730"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6584_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          }
        ]
      },
      "cve": "CVE-2019-10539",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10539",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-28290",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-142095",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10539",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10539",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10539",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10539",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-28290",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-433",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-142095",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm WLAN chip is a dedicated chip for Qualcomm platform to handle WLAN/WIFI protocol. It belongs to Qualcomm Baseband subsystem, which is used to improve WLAN/WIFI processing speed and performance and reduce energy consumption. A remote code execution vulnerability exists in the Qualcomm WLAN chip. An attacker can control the WLAN firmware and eventually cause arbitrary code to be executed on the server. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A buffer error vulnerability exists in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Qualcomm MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605; Qualcomm 215, SD 2120/SD 2120/SD , SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX; Qualcomm SDA660, SDM439, SDM630, SDM660; Qualcomm SDX20, SDX24, SXR1130",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10539",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "id": "VAR-201909-1453",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:49.724000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "August 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2019-bulletin"
          },
          {
            "title": "Qualcomm WLAN chip remote code execution vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/176425"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96173"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10539"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10539"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2019-08-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-august-2019-29951"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "date": "2019-09-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "date": "2019-09-30T16:15:11.040000",
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-28290"
          },
          {
            "date": "2019-10-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-142095"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          },
          {
            "date": "2019-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          },
          {
            "date": "2024-11-21T04:19:23.623000",
            "db": "NVD",
            "id": "CVE-2019-10539"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-010018"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-433"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201907-0630

    Vulnerability from variot - Updated: 2024-11-23 22:11

    improper input validation in allocation request for secure allocations can lead to page fault. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm MDM9640, etc. are all products of Qualcomm. MDM9640 is a central processing unit (CPU) product. MDM9650 is a central processing unit (CPU) product. SDX20 is a modem.

    The Kernel in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201907-0630",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 665",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "665"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          }
        ]
      },
      "cve": "CVE-2019-2330",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2330",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-24779",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "VHN-153765",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2330",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2330",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2330",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-24779",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201907-068",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153765",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "improper input validation in allocation request for secure allocations can lead to page fault. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm MDM9640, etc. are all products of Qualcomm. MDM9640 is a central processing unit (CPU) product. MDM9650 is a central processing unit (CPU) product. SDX20 is a modem. \n\r\n\r\nThe Kernel in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2330",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "id": "VAR-201907-0630",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:11:57.792000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "July 2019 Code Aurora Security Bulletin",
            "trust": 0.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm product input verification error vulnerabilities (CNVD-2020-24779)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/215477"
          },
          {
            "title": "Android Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94302"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2330"
          },
          {
            "trust": 1.7,
            "url": "https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2330"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-july-2019-29673"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "date": "2019-07-25T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "date": "2019-07-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "date": "2019-07-25T17:15:13.987000",
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-24779"
          },
          {
            "date": "2019-08-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153765"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          },
          {
            "date": "2024-11-21T04:40:43.623000",
            "db": "NVD",
            "id": "CVE-2019-2330"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007227"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201907-068"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202101-1463

    Vulnerability from variot - Updated: 2024-11-23 21:51

    Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue. Qualcomm The product contains a vulnerability related to information leakage.Information may be obtained

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202101-1463",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": "qualcomm  firmware"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "cve": "CVE-2020-3687",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3687",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-3687",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-3687",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3687",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-3687",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202101-1652",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-3687",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue. Qualcomm The product contains a vulnerability related to information leakage.Information may be obtained",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3687"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3687",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3687",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "id": "VAR-202101-1463",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.9128788
      },
      "last_update_date": "2024-11-23T21:51:03.801000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin"
          },
          {
            "title": "Multiple  Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140011"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.0
          },
          {
            "problemtype": "information leak (CWE-200) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
          },
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3687"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "date": "2021-10-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "date": "2021-01-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "date": "2021-01-21T10:15:15.137000",
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3687"
          },
          {
            "date": "2021-10-06T09:05:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          },
          {
            "date": "2021-02-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          },
          {
            "date": "2024-11-21T05:31:34.637000",
            "db": "NVD",
            "id": "CVE-2020-3687"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Qualcomm\u00a0 Information leakage vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015630"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1652"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201904-0540

    Vulnerability from variot - Updated: 2024-11-23 21:37

    Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016. plural Snapdragon The product contains an access control vulnerability.Information may be obtained. QualcommMDM9607 and others are a central processing unit (CPU) product of Qualcomm. There are access control error vulnerabilities in ContentProtection in several Qualcomm products. An attacker could exploit this vulnerability to gain access to sensitive keypad input data. The following products are affected: Qualcomm MDM9206; MDM9607; MDM9650; MDM9655; Qualcomm 215; SD 210; SD 212; SD 205; SD 410/12; SD 425; SD 427; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SDA660; SDM439; SDM630; SDM660; Snapdragon_High_Med_2016

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0540",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "410/12"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          }
        ]
      },
      "cve": "CVE-2018-11958",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11958",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-08981",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121869",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11958",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11958",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11958",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-08981",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201903-137",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121869",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11958",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in MDM9206, MDM9607, MDM9650, MDM9655, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016. plural Snapdragon The product contains an access control vulnerability.Information may be obtained. QualcommMDM9607 and others are a central processing unit (CPU) product of Qualcomm. There are access control error vulnerabilities in ContentProtection in several Qualcomm products. An attacker could exploit this vulnerability to gain access to sensitive keypad input data. The following products are affected: Qualcomm MDM9206; MDM9607; MDM9650; MDM9655; Qualcomm 215; SD 210; SD 212; SD 205; SD 410/12; SD 425; SD 427; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SDA660; SDM439; SDM630; SDM660; Snapdragon_High_Med_2016",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11958",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "id": "VAR-201904-0540",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:37:13.356000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Patches for multiple Qualcomm product access control error vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/158071"
          },
          {
            "title": "Multiple Qualcomm Product access control error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89806"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin \u2014 March 2019",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=e9cddeba5732c8294d7cd6c4b6f1170b"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-bluetooth-rce/142685/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11958"
          },
          {
            "trust": 1.2,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2019-28664"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11958"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2019-03-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-bluetooth-rce/142685/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "date": "2019-04-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "date": "2019-04-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "date": "2019-05-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "date": "2019-03-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "date": "2019-04-04T15:29:00.530000",
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121869"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11958"
          },
          {
            "date": "2019-05-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          },
          {
            "date": "2024-11-21T03:44:19.653000",
            "db": "NVD",
            "id": "CVE-2018-11958"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Access control vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015203"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-137"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0736

    Vulnerability from variot - Updated: 2024-11-23 21:37

    The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains input validation vulnerabilities and channel and path error vulnerabilities.Information may be obtained and information may be altered. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The QualcommMDM9150 is a central processing unit (CPU) product. The SDX20 is a modem. An information disclosure vulnerability exists in several Qualcomm products. The vulnerability stems from errors in the configuration of the network system or product during operation. Unauthorized attackers can exploit the vulnerability to obtain sensitive information about the affected component. Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple out-of-bounds memory access vulnerabilities 4. An unauthorized-access vulnerability 5. Multiple denial-of-service vulnerabilities 6. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497. An attacker could exploit this vulnerability to forge application messages. The following products and versions are affected: Qualcomm IPQ4019; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9635M; MDM9640; MDM9650; MDM9655; MSM8909W; SD 425; SD 427; SD 430; SD 435; SD 439; SD 429; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; 710; SD 670; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855; SD 8CX;

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0736",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "410/12"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wen Guanxing of Pangu LAB, Xiling Gong of Tencent Blade Team.,derrek",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2018-13906",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-13906",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-13771",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-124012",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-13906",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-13906",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-13906",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-13771",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-185",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-124012",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-13906",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains input validation vulnerabilities and channel and path error vulnerabilities.Information may be obtained and information may be altered. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The QualcommMDM9150 is a central processing unit (CPU) product. The SDX20 is a modem. An information disclosure vulnerability exists in several Qualcomm products. The vulnerability stems from errors in the configuration of the network system or product during operation. Unauthorized attackers can exploit the vulnerability to obtain sensitive information about the affected component. Qualcomm Closed-Source Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple out-of-bounds memory access vulnerabilities\n4. An unauthorized-access vulnerability\n5. Multiple denial-of-service vulnerabilities\n6. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497. An attacker could exploit this vulnerability to forge application messages. The following products and versions are affected: Qualcomm IPQ4019; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9635M; MDM9640; MDM9650; MDM9655; MSM8909W; SD 425; SD 427; SD 430; SD 435; SD 439; SD 429; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; 710; SD 670; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855; SD 8CX;",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-13906",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "108300",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "id": "VAR-201906-0736",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:37:13.281000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Jun 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Patches for multiple Qualcomm Product Information Disclosure Vulnerabilities (CNVD-2019-13771)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/160901"
          },
          {
            "title": "Multiple Qualcomm Product information disclosure vulnerability repair measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92329"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          },
          {
            "problemtype": "CWE-417",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13906"
          },
          {
            "trust": 1.2,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-may-2019-29239"
          },
          {
            "trust": 0.9,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.9,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2019-05-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13906"
          },
          {
            "trust": 0.7,
            "url": "https://www.securityfocus.com/bid/108300"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/417.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "date": "2019-06-14T17:29:00.767000",
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13771"
          },
          {
            "date": "2019-06-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124012"
          },
          {
            "date": "2019-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13906"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          },
          {
            "date": "2019-06-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          },
          {
            "date": "2024-11-21T03:48:18.337000",
            "db": "NVD",
            "id": "CVE-2018-13906"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015665"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-185"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0740

    Vulnerability from variot - Updated: 2024-11-23 21:37

    Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660. plural Snapdragon The product contains an access control vulnerability.Information may be obtained. QualcommMDM9607 and others are a central processing unit (CPU) product of Qualcomm. There are access control error vulnerabilities in ContentProtection in several Qualcomm products. An attacker could exploit this vulnerability to gain access to sensitive keypad input data. Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information disclosure vulnerabilities 3. An unauthorized-access vulnerability 5. Multiple denial-of-service vulnerabilities 6. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: Qualcomm MDM9206; MDM9607; MDM9650; MSM8909W; MSM8996AU; QCA6574AU; QCS605; SD 210; SD 212; SD 205; SD 712; SD 710; SD 670; SD 730; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855;

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0740",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "615/16"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "415"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "650/52"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "410/12"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wen Guanxing of Pangu LAB, Xiling Gong of Tencent Blade Team.,derrek",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2018-13901",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-13901",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-08981",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-124007",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-13901",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-13901",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-13901",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-08981",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-188",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-124007",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-13901",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660. plural Snapdragon The product contains an access control vulnerability.Information may be obtained. QualcommMDM9607 and others are a central processing unit (CPU) product of Qualcomm. There are access control error vulnerabilities in ContentProtection in several Qualcomm products. An attacker could exploit this vulnerability to gain access to sensitive keypad input data. Qualcomm Closed-Source Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple information disclosure vulnerabilities\n3. An unauthorized-access vulnerability\n5. Multiple denial-of-service vulnerabilities\n6. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: Qualcomm MDM9206; MDM9607; MDM9650; MSM8909W; MSM8996AU; QCA6574AU; QCS605; SD 210; SD 212; SD 205; SD 712; SD 710; SD 670; SD 730; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855;",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-13901",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "108300",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "id": "VAR-201906-0740",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:37:13.209000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "May 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Patches for multiple Qualcomm product access control error vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/158071"
          },
          {
            "title": "Multiple Qualcomm Product access control error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92332"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13901"
          },
          {
            "trust": 0.9,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.9,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2019-05-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13901"
          },
          {
            "trust": 0.7,
            "url": "https://www.securityfocus.com/bid/108300"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2019-28664"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-may-2019-29239"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "date": "2019-06-14T17:29:00.673000",
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-08981"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124007"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13901"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          },
          {
            "date": "2024-11-21T03:48:17.620000",
            "db": "NVD",
            "id": "CVE-2018-13901"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Access control vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015629"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-188"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0694

    Vulnerability from variot - Updated: 2024-11-23 21:37

    An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9650 is a central processing unit (CPU) product of Qualcomm. A buffer overflow vulnerability exists in several Qualcomm products. This vulnerability is caused when the network system or product performs operations on the memory and does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. This vulnerability can be exploited to cause buffer overflows or heap overflows. Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information disclosure vulnerabilities 3. Multiple out-of-bounds memory access vulnerabilities 4. An unauthorized-access vulnerability 5. Multiple denial-of-service vulnerabilities 6. An insecure-file-permissions vulnerability An attacker can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service condition and obtain sensitive information. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0694",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qm215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wen Guanxing of Pangu LAB, Xiling Gong of Tencent Blade Team.,derrek",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-2256",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2256",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-13770",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-153691",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2256",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2256",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2256",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-13770",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-156",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153691",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-2256",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9650 is a central processing unit (CPU) product of Qualcomm. A buffer overflow vulnerability exists in several Qualcomm products. This vulnerability is caused when the network system or product performs operations on the memory and does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. This vulnerability can be exploited to cause buffer overflows or heap overflows. Qualcomm Closed-Source Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple information disclosure vulnerabilities\n3. Multiple out-of-bounds memory access vulnerabilities\n4. An unauthorized-access vulnerability\n5. Multiple denial-of-service vulnerabilities\n6. An insecure-file-permissions vulnerability\nAn attacker can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service condition and obtain sensitive information. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2256",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "108300",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "id": "VAR-201906-0694",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:37:13.169000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "May 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Patches for multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2019-13770)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/160903"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92301"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-remote-code-execution-flaws-android/144497/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2256"
          },
          {
            "trust": 1.2,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-may-2019-29239"
          },
          {
            "trust": 0.9,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.9,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2019-05-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2256"
          },
          {
            "trust": 0.7,
            "url": "https://www.securityfocus.com/bid/108300"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-remote-code-execution-flaws-android/144497/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "date": "2019-06-14T17:29:02.690000",
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13770"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153691"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2256"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          },
          {
            "date": "2024-11-21T04:40:33.240000",
            "db": "NVD",
            "id": "CVE-2019-2256"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005492"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-156"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0693

    Vulnerability from variot - Updated: 2024-11-23 21:37

    An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9650 is a central processing unit (CPU) product of Qualcomm. A buffer overflow vulnerability exists in H.264 decoders in several Qualcomm products. This vulnerability stems from a network system or product performing an operation on memory that does not properly validate data boundaries, causing errors to be performed on other associated memory locations. Read and write operations that an attacker can exploit to cause a buffer overflow or heap overflow. Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information disclosure vulnerabilities 3. Multiple out-of-bounds memory access vulnerabilities 4. An unauthorized-access vulnerability 5. Multiple denial-of-service vulnerabilities 6. An insecure-file-permissions vulnerability An attacker can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service condition and obtain sensitive information. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0693",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 730",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "210"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "212"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "205"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "425"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "625"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "820"
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "835"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "430"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "427"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "435"
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sd 8cx",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "712"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "855"
          },
          {
            "model": "sd",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "675"
          },
          {
            "model": "qualcomm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qm215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wen Guanxing of Pangu LAB, Xiling Gong of Tencent Blade Team.,derrek",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-2255",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-2255",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-13769",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-153690",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2255",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2255",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2255",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-13769",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201905-157",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-153690",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-2255",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9650 is a central processing unit (CPU) product of Qualcomm. A buffer overflow vulnerability exists in H.264 decoders in several Qualcomm products. This vulnerability stems from a network system or product performing an operation on memory that does not properly validate data boundaries, causing errors to be performed on other associated memory locations. Read and write operations that an attacker can exploit to cause a buffer overflow or heap overflow. Qualcomm Closed-Source Components are prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple information disclosure vulnerabilities\n3. Multiple out-of-bounds memory access vulnerabilities\n4. An unauthorized-access vulnerability\n5. Multiple denial-of-service vulnerabilities\n6. An insecure-file-permissions vulnerability\nAn attacker can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service condition and obtain sensitive information. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-114074547,A-119050181,A-122474428,A-114067283,A-119049466,A-119050073,A-119049388,A-119050001,A-119049623,A-119051002,A-119050182,A-119052037,A-122472140,A-112303441 and A-123997497",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2255",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "108300",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "id": "VAR-201906-0693",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          }
        ],
        "trust": 1.6564394
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS",
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:37:13.061000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "May 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Patches for multiple Qualcomm H.264 decoder buffer overflow vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/160905"
          },
          {
            "title": "Multiple Qualcomm product H.264 Fixes for decoder buffer error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92302"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2255"
          },
          {
            "trust": 1.2,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-may-2019-29239"
          },
          {
            "trust": 0.9,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.9,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.9,
            "url": "https://source.android.com/security/bulletin/2019-05-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2255"
          },
          {
            "trust": 0.7,
            "url": "https://www.securityfocus.com/bid/108300"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "db": "BID",
            "id": "108300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "date": "2019-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "date": "2019-06-14T17:29:02.423000",
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13769"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-153690"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-2255"
          },
          {
            "date": "2019-05-06T00:00:00",
            "db": "BID",
            "id": "108300"
          },
          {
            "date": "2019-06-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          },
          {
            "date": "2024-11-21T04:40:33.080000",
            "db": "NVD",
            "id": "CVE-2019-2255"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005491"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201905-157"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2020-3687 (GCVE-0-2020-3687)

    Vulnerability from nvd – Published: 2021-01-21 09:41 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in Bluetooth Host
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. unspecified Affected: unspecified
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.254Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "unspecified",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in Bluetooth Host",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-22T14:19:34.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3687",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in Bluetooth Host"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3687",
        "datePublished": "2021-01-21T09:41:30.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.254Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3687 (GCVE-0-2020-3687)

    Vulnerability from cvelistv5 – Published: 2021-01-21 09:41 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue.
    Severity
    No CVSS data available.
    CWE
    • Information Exposure in Bluetooth Host
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. unspecified Affected: unspecified
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.254Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "unspecified",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Exposure in Bluetooth Host",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-22T14:19:34.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3687",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Exposure in Bluetooth Host"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3687",
        "datePublished": "2021-01-21T09:41:30.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.254Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }