Search

Find a vulnerability

Search criteria

    15 vulnerabilities found for sd652 by qualcomm

    VAR-201809-0098

    Vulnerability from variot - Updated: 2025-01-30 20:48

    In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. Snapdragon (Mobile and Wear) Contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A double free vulnerability exists in several Qualcomm Snapdragon products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0098",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          }
        ]
      },
      "cve": "CVE-2018-11982",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-11982",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "VHN-121896",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-11982",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11982",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11982",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-962",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121896",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. Snapdragon (Mobile and Wear) Contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A double free vulnerability exists in several Qualcomm Snapdragon products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11982",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962",
            "trust": 0.7
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "id": "VAR-201809-0098",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          }
        ],
        "trust": 0.02
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:48:46.274000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85075"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-415",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11982"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11982"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "date": "2018-09-20T13:29:02.057000",
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121896"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          },
          {
            "date": "2024-11-21T03:44:21.940000",
            "db": "NVD",
            "id": "CVE-2018-11982"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Snapdragon Double release vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010805"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-962"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0886

    Vulnerability from variot - Updated: 2024-11-23 22:30

    In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue. Snapdragon (Automobile , Mobile , Wear) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8909W, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. Permissions and access control vulnerabilities exist in Telephony in several Qualcomm Snapdragon products. The vulnerability stems from the fact that com.qualcomm.embms is deployed in a system image with improper permissions and allows any installed application from the Play Store to request permissions. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0886",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          }
        ]
      },
      "cve": "CVE-2018-11277",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11277",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-121120",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11277",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11277",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11277",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-968",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121120",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue. Snapdragon (Automobile , Mobile , Wear) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8909W, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. Permissions and access control vulnerabilities exist in Telephony in several Qualcomm Snapdragon products. The vulnerability stems from the fact that com.qualcomm.embms is deployed in a system image with improper permissions and allows any installed application from the Play Store to request permissions. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11277",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-121120",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "id": "VAR-201809-0886",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:30:17.496000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product Privilege License and Access Control Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85081"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-732",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-264",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11277"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11277"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "date": "2018-09-20T13:29:01.167000",
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121120"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          },
          {
            "date": "2024-11-21T03:43:02.667000",
            "db": "NVD",
            "id": "CVE-2018-11277"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerabilities related to authorization, authority, and access control in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010806"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control issues",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-968"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0878

    Vulnerability from variot - Updated: 2024-11-23 22:06

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. Snapdragon (Automobile , Mobile , Wear) Contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-109678453, A-111089815, A-112279482, A-112278875, A-109678259, A-111088838, A-111092944, A-112278972, A-112279521, A-112279426, A-112279483, A-112279144, A-112279544, and A-119050566. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Storage in several Qualcomm Snapdragon products. The vulnerability stems from the fact that the program does not correctly verify the array index. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0878",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_710_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2018-11268",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11268",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121110",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11268",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11268",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11268",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-970",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121110",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. Snapdragon (Automobile , Mobile , Wear) Contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-109678453, A-111089815, A-112279482, A-112278875, A-109678259, A-111088838, A-111092944, A-112278972, A-112279521, A-112279426, A-112279483, A-112279144, A-112279544, and A-119050566. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Storage in several Qualcomm Snapdragon products. The vulnerability stems from the fact that the program does not correctly verify the array index. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          }
        ],
        "trust": 1.98
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11268",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "106845",
            "trust": 2.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-121110",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "id": "VAR-201809-0878",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:06:19.798000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85083"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/106845"
          },
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11268"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11268"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.3,
            "url": "https://source.android.com/security/bulletin/2019-02-01"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "db": "BID",
            "id": "106845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "date": "2019-02-04T00:00:00",
            "db": "BID",
            "id": "106845"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "date": "2018-09-20T13:29:00.933000",
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-03-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121110"
          },
          {
            "date": "2019-02-04T00:00:00",
            "db": "BID",
            "id": "106845"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          },
          {
            "date": "2019-03-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          },
          {
            "date": "2024-11-21T03:43:01.650000",
            "db": "NVD",
            "id": "CVE-2018-11268"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to array index verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010814"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-970"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0879

    Vulnerability from variot - Updated: 2024-11-23 22:00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. Snapdragon (Automobile , Mobile , Wear) Contains an array index validation vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Storage in several Qualcomm Snapdragon products. The vulnerability stems from the fact that the program does not correctly verify the array index. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0879",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "105838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_710_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "105838"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-11269",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11269",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121111",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11269",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11269",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11269",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-969",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121111",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11269",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. Snapdragon (Automobile , Mobile , Wear) Contains an array index validation vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-78244877, A-79420111, A-109677962, A-68326808, A-78240714, A-78240675, A-78241957, A-72950294, A-74235967, A-77484722, A-77484786, A-79420492, A-79420096, and A-109678529. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. There are security vulnerabilities in Storage in several Qualcomm Snapdragon products. The vulnerability stems from the fact that the program does not correctly verify the array index. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "BID",
            "id": "105838"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11269",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "105838",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-121111",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "db": "BID",
            "id": "105838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "id": "VAR-201809-0879",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:00:18.472000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85082"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=2a07dd9b0f590517e161812c849b67e5"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/105838"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11269"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11269"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-11-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/129.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "db": "BID",
            "id": "105838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "db": "BID",
            "id": "105838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "date": "2018-11-05T00:00:00",
            "db": "BID",
            "id": "105838"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "date": "2018-09-20T13:29:01.043000",
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121111"
          },
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11269"
          },
          {
            "date": "2018-11-05T00:00:00",
            "db": "BID",
            "id": "105838"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          },
          {
            "date": "2024-11-21T03:43:01.800000",
            "db": "NVD",
            "id": "CVE-2018-11269"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability in sequence index validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010815"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-969"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0049

    Vulnerability from variot - Updated: 2024-11-23 21:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. Snapdragon (Automobile , Mobile , Wear) Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An access control error vulnerability exists in several Qualcomm Snapdragon products. Attackers can use TZ to exploit this vulnerability to clear CNOC_QDSS RG0 locked by xBL_SEC when TZ is cold started

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0049",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9645_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-18314",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-18314",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-109424",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18314",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18314",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18314",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-972",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109424",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18314",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. Snapdragon (Automobile , Mobile , Wear) Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An access control error vulnerability exists in several Qualcomm Snapdragon products. Attackers can use TZ to exploit this vulnerability to clear CNOC_QDSS RG0 locked by xBL_SEC when TZ is cold started",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18314",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-109424",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "id": "VAR-201809-0049",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:46.292000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 9 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product access control error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85085"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18314"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18314"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "date": "2018-09-20T13:29:00.667000",
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109424"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18314"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          },
          {
            "date": "2024-11-21T03:19:50.143000",
            "db": "NVD",
            "id": "CVE-2017-18314"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Access control vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014293"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-972"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0861

    Vulnerability from variot - Updated: 2024-11-23 21:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. Snapdragon (Automobile , Mobile , Wear) Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Video in several Qualcomm Snapdragon products has a security vulnerability. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0861",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_710_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-11287",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-11287",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-121131",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11287",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11287",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11287",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-966",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121131",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11287",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. Snapdragon (Automobile , Mobile , Wear) Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Video in several Qualcomm Snapdragon products has a security vulnerability. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11287",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-121131",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "id": "VAR-201809-0861",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:42.463000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 9 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85079"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11287"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11287"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "date": "2018-09-20T13:29:01.403000",
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121131"
          },
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11287"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          },
          {
            "date": "2024-11-21T03:43:03.690000",
            "db": "NVD",
            "id": "CVE-2018-11287"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to input validation in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010808"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-966"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-1108

    Vulnerability from variot - Updated: 2024-11-23 21:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much earlier than expected. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An encryption issue vulnerability exists in several Qualcomm Snapdragon products due to a program that does not properly randomize MAC addresses. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-1108",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_710_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-5871",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-5871",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "VHN-135903",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-5871",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-5871",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-5871",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-960",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-135903",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-5871",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much earlier than expected. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An encryption issue vulnerability exists in several Qualcomm Snapdragon products due to a program that does not properly randomize MAC addresses. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-5871",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-135903",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "id": "VAR-201809-1108",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:41.988000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product encryption problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85073"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-338",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5871"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5871"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/338.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "date": "2018-09-20T13:29:02.323000",
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-135903"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-5871"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          },
          {
            "date": "2024-11-21T04:09:35.340000",
            "db": "NVD",
            "id": "CVE-2018-5871"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Snapdragon Cryptographic vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010802"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-960"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0864

    Vulnerability from variot - Updated: 2024-11-23 21:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer & heap overflows. Snapdragon (Automobile , Mobile , Wear) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A buffer overflow vulnerability exists in several Qualcomm Snapdragon products where the WLANWMI command handler does not perform input validation. An attacker could exploit this vulnerability to cause a denial of service or execute code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0864",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6584_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-11292",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11292",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121137",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11292",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11292",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11292",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-963",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121137",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11292",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer \u0026 heap overflows. Snapdragon (Automobile , Mobile , Wear) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A buffer overflow vulnerability exists in several Qualcomm Snapdragon products where the WLANWMI command handler does not perform input validation. An attacker could exploit this vulnerability to cause a denial of service or execute code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11292",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-121137",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "id": "VAR-201809-0864",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:41.881000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85076"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.7,
            "url": "http://support.blackberry.com/kb/articledetail?language=en_us\u0026articlenumber=000051618"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11292"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11292"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "http://support.blackberry.com/kb/articledetail?language=en_us\u0026amp;articlenumber=000051618"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/190.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "date": "2018-09-20T13:29:01.823000",
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121137"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11292"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          },
          {
            "date": "2024-11-21T03:43:04.800000",
            "db": "NVD",
            "id": "CVE-2018-11292"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010804"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-963"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0862

    Vulnerability from variot - Updated: 2024-11-23 21:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG in use. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A cryptographic vulnerability exists in several Qualcomm Snapdragon products due to the program's use of a flawed random number generator. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0862",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6584_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106494"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-11290",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-11290",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-121135",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11290",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11290",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11290",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-965",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121135",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11290",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG in use. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-68326803, A-62213176, A-73539234, A-72950814, A-77484228, A-111090697, A-68326811, A-78240387, A-78239234, A-68326819, A-71501117, A-72950958, A-74236425, A-77484229, A-79419793, A-109677940, A-109677982, A-109677964, A-109678202, A-109678380, A-111091377, A-111090533, A-111093202, A-111090698, A-111093021, and A-111093167. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. A cryptographic vulnerability exists in several Qualcomm Snapdragon products due to the program\u0027s use of a flawed random number generator. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11290",
            "trust": 2.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "106494",
            "trust": 0.3
          },
          {
            "db": "VULHUB",
            "id": "VHN-121135",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "id": "VAR-201809-0862",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:52:41.703000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 9 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product encryption problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85078"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014September 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25cebb27b25b2e242f56769472d26cc5"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-338",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.7,
            "url": "http://support.blackberry.com/kb/articledetail?language=en_us\u0026articlenumber=000051618"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11290"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11290"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2018-09-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "http://support.blackberry.com/kb/articledetail?language=en_us\u0026amp;articlenumber=000051618"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/338.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "db": "BID",
            "id": "106494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2019-02-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "date": "2018-09-20T13:29:01.543000",
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121135"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11290"
          },
          {
            "date": "2018-09-04T00:00:00",
            "db": "BID",
            "id": "106494"
          },
          {
            "date": "2019-02-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          },
          {
            "date": "2024-11-21T03:43:04.467000",
            "db": "NVD",
            "id": "CVE-2018-11290"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product Cryptographic vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013510"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-965"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0863

    Vulnerability from variot - Updated: 2024-11-23 21:38

    In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, cryptographic issues due to the random number generator was not a strong one in NAN. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-120487384, A-117119000, A-117118976, A-117118295, A-117119172, A-122473270, A-109678120, A-111093019, A-111092813, A-111089816, A-111092945, A-111092919, A-111091938, A-111093762, A-111093242, A-111090373, A-111092814, A-111093763, A-111093243, A-111089817, A-111092400, A-111090534, A-111091378, A-111092946, A-111093022, A-111093244, A-111092888, A-111093280, A-111092401, A-111093259, A-111090535, A-112279580, A-112279127, A-119049704, A-119052960, A-114042276, A-117118499, A-117119174, A-117119152, A-117118789, A-122472377, A-120483842, A-122472139 and A-122473145. Qualcomm IPQ8074, etc. are all central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Encryption issues exist in several Qualcomm Snapdragon products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0863",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd810",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9378",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6564",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6564",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9378",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 810",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca4531_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6564_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6584_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6584au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9377_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9378_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9379_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_810_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2018-11291",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-11291",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-121136",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11291",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11291",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11291",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-964",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121136",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11291",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, cryptographic issues due to the random number generator was not a strong one in NAN. Snapdragon (Automobile , Mobile , Wear) Contains a cryptographic vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-120487384, A-117119000, A-117118976, A-117118295, A-117119172, A-122473270, A-109678120, A-111093019, A-111092813, A-111089816, A-111092945, A-111092919, A-111091938, A-111093762, A-111093242, A-111090373, A-111092814, A-111093763, A-111093243, A-111089817, A-111092400, A-111090534, A-111091378, A-111092946, A-111093022, A-111093244, A-111092888, A-111093280, A-111092401, A-111093259, A-111090535, A-112279580, A-112279127, A-119049704, A-119052960, A-114042276, A-117118499, A-117119174, A-117119152, A-117118789, A-122472377, A-120483842, A-122472139 and A-122473145. Qualcomm IPQ8074, etc. are all central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Encryption issues exist in several Qualcomm Snapdragon products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11291",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "107681",
            "trust": 2.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-121136",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "id": "VAR-201809-0863",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:38:14.271000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product encryption problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85077"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2019",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cd95df8ce79ebdc8577685322caeeedf"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-338",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.securityfocus.com/bid/107681"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11291"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11291"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2019-28925"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2019-04-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.3,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/338.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "db": "BID",
            "id": "107681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "date": "2019-04-01T00:00:00",
            "db": "BID",
            "id": "107681"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "date": "2018-09-20T13:29:01.730000",
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121136"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11291"
          },
          {
            "date": "2019-04-01T00:00:00",
            "db": "BID",
            "id": "107681"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          },
          {
            "date": "2024-11-21T03:43:04.630000",
            "db": "NVD",
            "id": "CVE-2018-11291"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Qualcomm Snapdragon Cryptographic vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010803"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-964"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0050

    Vulnerability from variot - Updated: 2024-11-23 21:00

    In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart. Snapdragon (Automobile , Mobile , Wear) Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Security flaws exist in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0050",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9955",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9055",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "fsm9955",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9055_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:fsm9955_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          }
        ]
      },
      "cve": "CVE-2017-18301",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18301",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109410",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18301",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18301",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18301",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-974",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109410",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18301",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart. Snapdragon (Automobile , Mobile , Wear) Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Qualcomm FSM9055, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Security flaws exist in several Qualcomm products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18301",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109410",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "id": "VAR-201809-0050",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T21:00:54.010000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 8 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components\\"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85087"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.2,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18301"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/476.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "date": "2018-09-20T13:29:00.370000",
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109410"
          },
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18301"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          },
          {
            "date": "2024-11-21T03:19:48.573000",
            "db": "NVD",
            "id": "CVE-2017-18301"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon In product  NULL Pointer dereference vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014291"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-974"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201810-0054

    Vulnerability from variot - Updated: 2024-11-23 20:20

    Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. Snapdragon Mobile and Snapdragon Wear Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Access Control module is one of the access control modules. An input validation vulnerability exists in the Access Control module in several Qualcomm Snapdragon products. An attacker could exploit this vulnerability to gain access to RPM

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "sd450",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd430",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          }
        ]
      },
      "cve": "CVE-2017-18282",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18282",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109389",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18282",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18282",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18282",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-1151",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109389",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18282",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. Snapdragon Mobile and Snapdragon Wear Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Access Control module is one of the access control modules. An input validation vulnerability exists in the Access Control module in several Qualcomm Snapdragon products. An attacker could exploit this vulnerability to gain access to RPM",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18282",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109389",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          }
        ]
      },
      "id": "VAR-201810-0054",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T20:20:29.142000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "October 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon product Access Control Fixes for module input validation vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86249"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18282"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18282"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109389"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109389",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18282",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18282",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109389",
            "ident": null
          },
          {
            "date": "2018-10-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18282",
            "ident": null
          },
          {
            "date": "2019-01-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014299",
            "ident": null
          },
          {
            "date": "2018-10-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1151",
            "ident": null
          },
          {
            "date": "2018-10-23T13:29:00.837000",
            "db": "NVD",
            "id": "CVE-2017-18282",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109389",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18282",
            "ident": null
          },
          {
            "date": "2019-01-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014299",
            "ident": null
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-1151",
            "ident": null
          },
          {
            "date": "2024-11-21T03:19:45.800000",
            "db": "NVD",
            "id": "CVE-2017-18282",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Snapdragon Mobile and  Snapdragon Wear Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014299"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-1151"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0051

    Vulnerability from variot - Updated: 2024-11-23 20:11

    In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory passed to a QSEE application between the time of check and the time of use, resulting in arbitrary writes to TZ kernel memory regions. Snapdragon (Automobile and Mobile) Contains a race condition vulnerability.Information may be tampered with. Qualcomm MSM8996AU, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. A security vulnerability exists in Ontario_Driver_loctl in several Qualcomm Snapdragon products. An attacker can use a specially crafted HLOS client to exploit this vulnerability to change the frame in memory, thereby writing arbitrary content to the TZ kernel memory area. The following products (automotive and mobile) are affected: Qualcomm MSM8996AU; SD 425; SD 427; SD 430; SD 435; SD 450; SD 625; SD 650/52; SD 820; SD 820A; SD 835; SDM439; SDM630; SDM632; SDM636; SDM660; Snapdragon_High_Med_2016

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0051",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          }
        ]
      },
      "cve": "CVE-2017-18302",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2017-18302",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "VHN-109411",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:N/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.0,
                "id": "CVE-2017-18302",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18302",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18302",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-973",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109411",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18302",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory passed to a QSEE application between the time of check and the time of use, resulting in arbitrary writes to TZ kernel memory regions. Snapdragon (Automobile and Mobile) Contains a race condition vulnerability.Information may be tampered with. Qualcomm MSM8996AU, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. A security vulnerability exists in Ontario_Driver_loctl in several Qualcomm Snapdragon products. An attacker can use a specially crafted HLOS client to exploit this vulnerability to change the frame in memory, thereby writing arbitrary content to the TZ kernel memory area. The following products (automotive and mobile) are affected: Qualcomm MSM8996AU; SD 425; SD 427; SD 430; SD 435; SD 450; SD 625; SD 650/52; SD 820; SD 820A; SD 835; SDM439; SDM630; SDM632; SDM636; SDM660; Snapdragon_High_Med_2016",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18302",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109411",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "id": "VAR-201809-0051",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T20:11:37.755000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 8 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85086"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.2,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18302"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18302"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/362.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "date": "2018-09-20T13:29:00.510000",
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109411"
          },
          {
            "date": "2018-11-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18302"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          },
          {
            "date": "2024-11-21T03:19:48.723000",
            "db": "NVD",
            "id": "CVE-2017-18302"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Snapdragon Race condition vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014292"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competitive condition",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-973"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0066

    Vulnerability from variot - Updated: 2024-11-23 19:52

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. Snapdragon (Automobile , Mobile , Wear) Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. An access control error vulnerability exists in Buses in several Qualcomm Snapdragon products. When a trusted application opens the SPI/I2C interface to the device, a local attacker can use other trusted applications to exploit this vulnerability to read data on this open interface

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd650",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd625",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd652",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd617",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd820",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd835",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "_id": null,
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          }
        ]
      },
      "cve": "CVE-2017-18280",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18280",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-109387",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18280",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18280",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-18280",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-975",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-109387",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18280",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. Snapdragon (Automobile , Mobile , Wear) Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) for different platforms. An access control error vulnerability exists in Buses in several Qualcomm Snapdragon products. When a trusted application opens the SPI/I2C interface to the device, a local attacker can use other trusted applications to exploit this vulnerability to read data on this open interface",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18280",
            "trust": 2.6
          },
          {
            "db": "SECTRACK",
            "id": "1041432",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-109387",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          }
        ]
      },
      "id": "VAR-201809-0066",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T19:52:18.636000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2018 \u5e74 8 \u6708",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product access control error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85088"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014August 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=746dc14fcd3f5e139648cfdc9d9039a9"
          },
          {
            "title": "SamsungReleaseNotes",
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/SamsungReleaseNotes "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-18280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18280"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18280"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2018-08-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/samreleasenotes/samsungreleasenotes"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-109387"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-109387",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18280",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18280",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109387",
            "ident": null
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18280",
            "ident": null
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014290",
            "ident": null
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-975",
            "ident": null
          },
          {
            "date": "2018-09-20T13:29:00.247000",
            "db": "NVD",
            "id": "CVE-2017-18280",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-109387",
            "ident": null
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18280",
            "ident": null
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014290",
            "ident": null
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-975",
            "ident": null
          },
          {
            "date": "2024-11-21T03:19:45.513000",
            "db": "NVD",
            "id": "CVE-2017-18280",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural  Snapdragon Access control vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014290"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-975"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0877

    Vulnerability from variot - Updated: 2024-11-23 19:26

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20. Snapdragon (Automobile , Mobile , Wear) Contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The Core in several Qualcomm Snapdragon products has a security vulnerability. The vulnerability is caused by the program not validating the array index correctly. Attackers can exploit this vulnerability by sending malformed XML data to deviceprogrammer/firehose to cause buffer out-of-bounds writes

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0877",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd850",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd845",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd617",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 600",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 617",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 632",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 636",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "pixel xl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "pixel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "nexus 6p",
            "scope": null,
            "trust": 0.3,
            "vendor": "google",
            "version": null
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6"
          },
          {
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5x"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_210_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_212_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_410_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_412_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_415_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_427_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_430_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_435_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_616_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_617_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_625_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_652_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_820a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_835_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_850_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_439_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_630_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_632_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_636_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2018-11267",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11267",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121109",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11267",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11267",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11267",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-971",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121109",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11267",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20. Snapdragon (Automobile , Mobile , Wear) Contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. The Core in several Qualcomm Snapdragon products has a security vulnerability. The vulnerability is caused by the program not validating the array index correctly. Attackers can exploit this vulnerability by sending malformed XML data to deviceprogrammer/firehose to cause buffer out-of-bounds writes",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11267",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "106128",
            "trust": 2.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-121109",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "id": "VAR-201809-0877",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T19:26:57.866000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "September 2018 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Snapdragon Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85084"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014December 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=90af33430b981dd4da141cb90e5f3889"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/106128"
          },
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.0,
            "url": "https://source.android.com/security/bulletin/2018-12-01.html"
          },
          {
            "trust": 0.9,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.9,
            "url": "http://www.qualcomm.com/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11267"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11267"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/129.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "db": "BID",
            "id": "106128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "date": "2018-09-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "date": "2018-12-03T00:00:00",
            "db": "BID",
            "id": "106128"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "date": "2018-09-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "date": "2018-09-20T13:29:00.807000",
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-03-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121109"
          },
          {
            "date": "2019-03-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11267"
          },
          {
            "date": "2018-12-03T00:00:00",
            "db": "BID",
            "id": "106128"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          },
          {
            "date": "2019-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          },
          {
            "date": "2024-11-21T03:43:01.500000",
            "db": "NVD",
            "id": "CVE-2018-11267"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to array index verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010813"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-971"
          }
        ],
        "trust": 0.6
      }
    }