Search

Find a vulnerability

Search criteria

    79 vulnerabilities found for sm7150 by qualcomm

    VAR-202006-1565

    Vulnerability from variot - Updated: 2025-01-30 22:27

    Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1565",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "saipan",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "saipan",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 670",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm 6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm 7150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:kamorta_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:rennell_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:saipan_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm670_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm710_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sm6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sm7150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sm8150_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          }
        ]
      },
      "cve": "CVE-2020-3642",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3642",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006983",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-3642",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006983",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3642",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006983",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-080",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3642",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1910",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "id": "VAR-202006-1565",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T22:27:33.951000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "June 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3642"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3642"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-june-2020-32386"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.com/security/bulletin/2020-06-01"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1910/"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "date": "2020-06-22T07:15:12.117000",
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          },
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          },
          {
            "date": "2024-11-21T05:31:28.143000",
            "db": "NVD",
            "id": "CVE-2020-3642"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product free memory usage vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006983"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-080"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1791

    Vulnerability from variot - Updated: 2025-01-30 21:41

    Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1791",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          }
        ]
      },
      "cve": "CVE-2019-10614",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10614",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10614",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10614",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10614",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10614",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-843",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10614",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "id": "VAR-201912-1791",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T21:41:41.874000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105544"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10614"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10614"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "date": "2019-12-18T06:15:12.783000",
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          },
          {
            "date": "2020-06-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          },
          {
            "date": "2024-11-21T04:19:35.453000",
            "db": "NVD",
            "id": "CVE-2019-10614"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to out-of-bounds writing in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013284"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-843"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202011-1399

    Vulnerability from variot - Updated: 2025-01-30 21:41

    u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Qualcomm The product contains an out-of-bounds read vulnerability. This vulnerability is CVE-2019-16336 , CVE-2019-17519 , CVE-2019-17518 It is the same vulnerability as.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. Many Qualcomm products have buffer error vulnerabilities. The vulnerability stems from the lack of checks for invalid opcodes and the opcode length of the central device in Bluetooth peripheral firmware

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1399",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "bitra",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8076",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ar9344",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "bitra",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "ar9344",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8076",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "cve": "CVE-2020-3703",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-3703",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-3703",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3703",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-3703",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-305",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Qualcomm The product contains an out-of-bounds read vulnerability. This vulnerability is CVE-2019-16336 , CVE-2019-17519 , CVE-2019-17518 It is the same vulnerability as.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. \nMany Qualcomm products have buffer error vulnerabilities. The vulnerability stems from the lack of checks for invalid opcodes and the opcode length of the central device in Bluetooth peripheral firmware",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3703"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3703",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3453",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3703",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "id": "VAR-202011-1399",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.26046866999999996
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T21:41:02.828000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "October\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin"
          },
          {
            "title": "Google Android Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129906"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-125",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds read (CWE-125) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3703"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3453/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-october-2020-33491"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3703"
          },
          {
            "date": "2021-06-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "date": "2020-10-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "date": "2020-11-02T07:15:15.247000",
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3703"
          },
          {
            "date": "2021-06-15T02:50:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          },
          {
            "date": "2024-11-21T05:31:36.480000",
            "db": "NVD",
            "id": "CVE-2020-3703"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Qualcomm\u00a0 Out-of-bounds read vulnerabilities in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012916"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-305"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202009-1432

    Vulnerability from variot - Updated: 2025-01-30 21:09

    u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150. A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. (CVE-2020-3702) A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (CVE-2021-3653) A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (CVE-2021-3656) A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753) A flaw was found in the Linux kernel, where it incorrectly computes the access permissions of a shadow page. This issue leads to a missing guest protection page fault. (CVE-2021-38198) A flaw was found in the Linux kernel that allows malicious users to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). The highest threat from this vulnerability is to confidentiality. (CVE-2021-38205). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-4978-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2021 https://www.debian.org/security/faq


    Package : linux CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 CVE-2021-38199 CVE-2021-40490 CVE-2021-41073 Debian Bug : 993948 993978

    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

    CVE-2020-3702

    A flaw was found in the driver for Atheros IEEE 802.11n family of
    chipsets (ath9k) allowing information disclosure.
    

    CVE-2021-3653

    Maxim Levitsky discovered a vulnerability in the KVM hypervisor
    implementation for AMD processors in the Linux kernel: Missing
    validation of the `int_ctl` VMCB field could allow a malicious L1
    guest to enable AVIC support (Advanced Virtual Interrupt Controller)
    for the L2 guest. The L2 guest can take advantage of this flaw to
    write to a limited but still relatively large subset of the host
    physical memory. 
    Missing validation of the the `virt_ext` VMCB field could allow a
    malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS
    (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,
    the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus
    read/write portions of the host's physical memory.
    

    CVE-2021-3732

    Alois Wohlschlager reported a flaw in the implementation of the
    overlayfs subsystem, allowing a local attacker with privileges to
    mount a filesystem to reveal files hidden in the original mount.
    

    CVE-2021-3753

    Minh Yuan reported a race condition in the vt_k_ioctl in
    drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds
    read in vt.
    

    CVE-2021-37576

    Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem
    on the powerpc platform, which allows KVM guest OS users to cause
    memory corruption on the host.
    

    CVE-2021-38160

    A flaw in the virtio_console was discovered allowing data corruption
    or data loss by an untrusted device. This flaw is mitigated by default in Debian as
    unprivileged calls to bpf() are disabled.
    

    CVE-2021-38199

    Michael Wakabayashi reported a flaw in the NFSv4 client
    implementation, where incorrect connection setup ordering allows
    operations of a remote NFSv4 server to cause a denial of service.
    

    For the stable distribution (bullseye), these problems have been fixed in version 5.10.46-5. This update includes fixes for #993948 and #993978.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmFO2GNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TnbQ/8C5VZ8M2c1r7inKdf/JxcNqAgmquOVo/Ib9Ei17r+7/IXa4mo/FCz4xOb V68lNhqA43GJPWGHcj8mndVfkTHnn0PRekd5oPoKTdo4fJS0JEipUvNM3W+ukYVo eJi9+rV6fLmA9w0TTLqRaAZG1jjHxKqNo0XjbwGMhM8+hp5grAGuZrNfQ8mJk/CX RM8PyeWFTkio0eVr5G4wgxSDLJeg3Aa9azYvfXhgZ8OCl1ArSgLN3xhHqfuXFPAN F2i8ZRSwwlFtkea/Zm1eet+uwEs3Mz0pCXxBApITIaPh8Zo1Lj/0u8BBQqbGTuiF 6JNYnZc6TZ16DI3M8/a4x8sjG/C4Q6D+rOTpfaoydz4kcGEFWZC7/L9Y0wmd11da a4OIQq56Kk1bYI+G/7hl6BstLZxaqY/mafshV+nhQIzOBMBo35/r6Coz7AQUSJ5R vpPv1CKSwwki9zic0aegXZRUd0SJAyNEOqpvDSlT0hy2nNlnYFKIAySlFv68Lz9M RO/t4qFaKz07UdrNqN7E6qXZ6TZ18cIw2SQiozcR7g3CQ5WrBErxibkvmM4vHDgp /AlmxCuiTNtBdwGNlcT16kCbvyQLx3wSzisUBceIQqb/XTw9Ti2ctDWgYStsscSC LaEFBjJhYxBvDhnav4P2ZpHni5C1J/KS3qiR6wCEBTh4Qy5dYjo= =L0c4 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-5115-1 October 20, 2021

    linux-oem-5.10 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 20.04 LTS

    Summary:

    Several security issues were fixed in the Linux kernel.

    Software Description: - linux-oem-5.10: Linux kernel for OEM systems

    Details:

    It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702)

    Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624)

    Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556)

    Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477)

    It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679)

    It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159)

    Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732)

    It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739)

    It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743)

    It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753)

    It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759)

    It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166)

    It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204)

    It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205)

    It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490)

    It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 20.04 LTS: linux-image-5.10.0-1050-oem 5.10.0-1050.52 linux-image-oem-20.04 5.10.0.1050.52 linux-image-oem-20.04b 5.10.0.1050.52

    After a standard system update you need to reboot your computer to make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

    References: https://ubuntu.com/security/notices/USN-5115-1 CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38166, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008

    Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1050.52

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202009-1432",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "10.0"
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "access point",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "arista",
            "version": "8.8.3-12"
          },
          {
            "model": "qcn5502",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ubuntu",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "db": "PACKETSTORM",
            "id": "164581"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3702",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2020-3702",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-3702",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3702",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-066",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-3702",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150. A flaw was found in the Linux kernel\u0027s implementation of wireless drivers using the Atheros chipsets. (CVE-2020-3702)\nA flaw was found in the KVM\u0027s AMD code for supporting SVM nested virtualization. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (CVE-2021-3653)\nA flaw was found in the KVM\u0027s AMD code for supporting SVM nested virtualization. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (CVE-2021-3656)\nA flaw was found in the Linux kernel\u0027s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)\nA flaw was found in the Linux kernel, where it incorrectly computes the access permissions of a shadow page. This issue leads to a missing guest protection page fault. (CVE-2021-38198)\nA flaw was found in the Linux kernel that allows malicious users to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). The highest threat from this vulnerability is to confidentiality. (CVE-2021-38205). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4978-1                   security@debian.org\nhttps://www.debian.org/security/                     Salvatore Bonaccorso\nSeptember 25, 2021                    https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : linux\nCVE ID         : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 \n                 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 \n                 CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 \n                 CVE-2021-38199 CVE-2021-40490 CVE-2021-41073\nDebian Bug     : 993948 993978\n\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks. \n\nCVE-2020-3702\n\n    A flaw was found in the driver for Atheros IEEE 802.11n family of\n    chipsets (ath9k) allowing information disclosure. \n\nCVE-2021-3653\n\n    Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n    implementation for AMD processors in the Linux kernel: Missing\n    validation of the `int_ctl` VMCB field could allow a malicious L1\n    guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n    for the L2 guest. The L2 guest can take advantage of this flaw to\n    write to a limited but still relatively large subset of the host\n    physical memory. \n    Missing validation of the the `virt_ext` VMCB field could allow a\n    malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n    (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n    the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n    read/write portions of the host\u0027s physical memory. \n\nCVE-2021-3732\n\n    Alois Wohlschlager reported a flaw in the implementation of the\n    overlayfs subsystem, allowing a local attacker with privileges to\n    mount a filesystem to reveal files hidden in the original mount. \n\nCVE-2021-3753\n\n    Minh Yuan reported a race condition in the vt_k_ioctl in\n    drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds\n    read in vt. \n\nCVE-2021-37576\n\n    Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n    on the powerpc platform, which allows KVM guest OS users to cause\n    memory corruption on the host. \n\nCVE-2021-38160\n\n    A flaw in the virtio_console was discovered allowing data corruption\n    or data loss by an untrusted device. This flaw is mitigated by default in Debian as\n    unprivileged calls to bpf() are disabled. \n\nCVE-2021-38199\n\n    Michael Wakabayashi reported a flaw in the NFSv4 client\n    implementation, where incorrect connection setup ordering allows\n    operations of a remote NFSv4 server to cause a denial of service. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978. \n\nWe recommend that you upgrade your linux packages. \n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmFO2GNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TnbQ/8C5VZ8M2c1r7inKdf/JxcNqAgmquOVo/Ib9Ei17r+7/IXa4mo/FCz4xOb\nV68lNhqA43GJPWGHcj8mndVfkTHnn0PRekd5oPoKTdo4fJS0JEipUvNM3W+ukYVo\neJi9+rV6fLmA9w0TTLqRaAZG1jjHxKqNo0XjbwGMhM8+hp5grAGuZrNfQ8mJk/CX\nRM8PyeWFTkio0eVr5G4wgxSDLJeg3Aa9azYvfXhgZ8OCl1ArSgLN3xhHqfuXFPAN\nF2i8ZRSwwlFtkea/Zm1eet+uwEs3Mz0pCXxBApITIaPh8Zo1Lj/0u8BBQqbGTuiF\n6JNYnZc6TZ16DI3M8/a4x8sjG/C4Q6D+rOTpfaoydz4kcGEFWZC7/L9Y0wmd11da\na4OIQq56Kk1bYI+G/7hl6BstLZxaqY/mafshV+nhQIzOBMBo35/r6Coz7AQUSJ5R\nvpPv1CKSwwki9zic0aegXZRUd0SJAyNEOqpvDSlT0hy2nNlnYFKIAySlFv68Lz9M\nRO/t4qFaKz07UdrNqN7E6qXZ6TZ18cIw2SQiozcR7g3CQ5WrBErxibkvmM4vHDgp\n/AlmxCuiTNtBdwGNlcT16kCbvyQLx3wSzisUBceIQqb/XTw9Ti2ctDWgYStsscSC\nLaEFBjJhYxBvDhnav4P2ZpHni5C1J/KS3qiR6wCEBTh4Qy5dYjo=\n=L0c4\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-5115-1\nOctober 20, 2021\n\nlinux-oem-5.10 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-oem-5.10: Linux kernel for OEM systems\n\nDetails:\n\nIt was discovered that a race condition existed in the Atheros Ath9k WiFi\ndriver in the Linux kernel. An attacker could possibly use this to expose\nsensitive information (WiFi network traffic). (CVE-2020-3702)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk\ndiscovered that the BPF verifier in the Linux kernel missed possible\nmispredicted branches due to type confusion, allowing a side-channel\nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel\ndid not properly protect against Speculative Store Bypass (SSB) side-\nchannel attacks in some situations. A local attacker could possibly use\nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not\nproperly protect against Speculative Store Bypass (SSB) side-channel\nattacks in some situations. A local attacker could possibly use this to\nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not\nproperly keep track of per-cpu ring buffer state. A privileged attacker\ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in\nthe Linux kernel did not properly handle error conditions. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlois Wohlschlager discovered that the overlay file system in the Linux\nkernel did not restrict private clones in some situations. An attacker\ncould use this to expose sensitive information. (CVE-2021-3732)\n\nIt was discovered that the btrfs file system in the Linux kernel did not\nproperly handle removing a non-existent device id. An attacker with\nCAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739)\n\nIt was discovered that the Qualcomm IPC Router protocol implementation in\nthe Linux kernel did not properly validate metadata in some situations. A\nlocal attacker could use this to cause a denial of service (system crash)\nor expose sensitive information. (CVE-2021-3743)\n\nIt was discovered that the virtual terminal (vt) device implementation in\nthe Linux kernel contained a race condition in its ioctl handling that led\nto an out-of-bounds read vulnerability. A local attacker could possibly use\nthis to expose sensitive information. (CVE-2021-3753)\n\nIt was discovered that the Linux kernel did not properly account for the\nmemory usage of certain IPC objects. A local attacker could use this to\ncause a denial of service (memory exhaustion). (CVE-2021-3759)\n\nIt was discovered that the BPF subsystem in the Linux kernel contained an\ninteger overflow in its hash table implementation. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2021-38166)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux\nkernel did not properly handle device removal events. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the\nLinux kernel could report pointer addresses in some situations. An attacker\ncould use this information to ease the exploitation of another\nvulnerability. (CVE-2021-38205)\n\nIt was discovered that the ext4 file system in the Linux kernel contained a\nrace condition when writing xattrs to an inode. A local attacker could use\nthis to cause a denial of service or possibly gain administrative\nprivileges. (CVE-2021-40490)\n\nIt was discovered that the 6pack network protocol driver in the Linux\nkernel did not properly perform validation checks. A privileged attacker\ncould use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2021-42008)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n  linux-image-5.10.0-1050-oem     5.10.0-1050.52\n  linux-image-oem-20.04           5.10.0.1050.52\n  linux-image-oem-20.04b          5.10.0.1050.52\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n  https://ubuntu.com/security/notices/USN-5115-1\n  CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477,\n  CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-3739,\n  CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38166,\n  CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-42008\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1050.52\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "PACKETSTORM",
            "id": "169128"
          },
          {
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "db": "PACKETSTORM",
            "id": "164581"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3702",
            "trust": 2.5
          },
          {
            "db": "PACKETSTORM",
            "id": "164561",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "166568",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "164594",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "164584",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3455",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.4089",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3225",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.4282",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.1408",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.4163",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3391",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3483",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.4117",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3535",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3422",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.3512",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.4156",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3702",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "169128",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "164585",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "164581",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "PACKETSTORM",
            "id": "169128"
          },
          {
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "db": "PACKETSTORM",
            "id": "164581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "id": "VAR-202009-1432",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T21:09:39.302000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Multiple Qualcomm Product encryption problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125400"
          },
          {
            "title": "Ubuntu Security Notice: USN-5361-1: Linux kernel vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5361-1"
          },
          {
            "title": "Amazon Linux 2: ALASMICROVM-KERNEL-4.14-2023-003",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALASMICROVM-KERNEL-4.14-2023-003"
          },
          {
            "title": "Amazon Linux 2: ALAS2KERNEL-5.10-2022-005",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2KERNEL-5.10-2022-005"
          },
          {
            "title": "Amazon Linux 2: ALASMICROVM-KERNEL-4.14-2023-002",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALASMICROVM-KERNEL-4.14-2023-002"
          },
          {
            "title": "Debian Security Advisories: DSA-4978-1 linux -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f74b5ec454c038ed56299a62dc9be102"
          },
          {
            "title": "kr00k-notes",
            "trust": 0.1,
            "url": "https://github.com/raul23/kr00k-notes "
          },
          {
            "title": "kr00k-tests",
            "trust": 0.1,
            "url": "https://github.com/raul23/kr00k-tests "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
          },
          {
            "title": null,
            "trust": 0.1,
            "url": "https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/kr-k-attack-variants-impact-qualcomm-mediatek-wi-fi-chips/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-319",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
          },
          {
            "trust": 1.7,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58"
          },
          {
            "trust": 1.7,
            "url": "https://www.debian.org/security/2021/dsa-4978"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
          },
          {
            "trust": 1.7,
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
          },
          {
            "trust": 1.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3702"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40490"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/qualcomm-atheros-ieee-802-11n-no-chiffrement-36534"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/164584/ubuntu-security-notice-usn-5115-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3535"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/164594/ubuntu-security-notice-usn-5116-2.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3483"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.4117"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3512"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/166568/ubuntu-security-notice-usn-5361-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3225"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.4089"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3422"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3455"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.4156"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.4282"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.1408"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.4163"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/164561/ubuntu-security-notice-usn-5113-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.3391"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3732"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-42008"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3743"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38166"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3739"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3753"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38198"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38205"
          },
          {
            "trust": 0.2,
            "url": "https://ubuntu.com/security/notices/usn-5361-1"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3679"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37159"
          },
          {
            "trust": 0.2,
            "url": "https://ubuntu.com/security/notices/usn-5116-1"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/319.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/raul23/kr00k-notes"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://alas.aws.amazon.com/al2/alasmicrovm-kernel-4.14-2023-003.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37576"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38160"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3656"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3653"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38199"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16119"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/linux"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.11/5.11.0-1021.23~20.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws-5.11/5.11.0-1020.21~20.04.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure-5.11/5.11.0-1020.21~20.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.11.0-1021.22"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1018.19"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-5113-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws/5.11.0-1020.21"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure/5.11.0-1020.21"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.11/5.11.0-38.42~20.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.11.0-1021.23"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux/5.11.0-38.42"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-42739"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0920"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-28964"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4083"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26145"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0935"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45486"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26141"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12888"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31916"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39636"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-43976"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1056.60~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1058.61~18.04.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1025.26"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-5116-2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1054.57~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1045.49~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1054.57"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1045.49"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1062.65"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1025.26~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1058.61"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1062.65~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1056.60"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux/5.4.0-89.100"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1055.59~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-89.100~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1020.23"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1048.50"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1050.52"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-34556"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3759"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38204"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-5115-1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-35477"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1097.103"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-5114-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1114.123"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1125.138"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-161.169"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1114.121"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1029.34"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1110.124"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1101.103"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "PACKETSTORM",
            "id": "169128"
          },
          {
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "db": "PACKETSTORM",
            "id": "164581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "db": "PACKETSTORM",
            "id": "169128"
          },
          {
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "db": "PACKETSTORM",
            "id": "164581"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "date": "2021-09-28T19:12:00",
            "db": "PACKETSTORM",
            "id": "169128"
          },
          {
            "date": "2021-10-20T15:44:10",
            "db": "PACKETSTORM",
            "id": "164561"
          },
          {
            "date": "2022-04-01T15:43:33",
            "db": "PACKETSTORM",
            "id": "166568"
          },
          {
            "date": "2021-10-22T15:36:06",
            "db": "PACKETSTORM",
            "id": "164594"
          },
          {
            "date": "2021-10-21T15:32:15",
            "db": "PACKETSTORM",
            "id": "164585"
          },
          {
            "date": "2021-10-21T15:31:59",
            "db": "PACKETSTORM",
            "id": "164584"
          },
          {
            "date": "2021-10-21T15:28:40",
            "db": "PACKETSTORM",
            "id": "164581"
          },
          {
            "date": "2020-08-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "date": "2020-09-08T10:15:16.340000",
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3702"
          },
          {
            "date": "2022-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          },
          {
            "date": "2024-11-21T05:31:36.317000",
            "db": "NVD",
            "id": "CVE-2020-3702"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Qualcomm Product Encryption Vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-066"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202011-1394

    Vulnerability from variot - Updated: 2025-01-30 21:03

    u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Agatti, Kamorta, Nicobar, QCM6125, QCS610, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1394",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "saipan",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "agatti",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "saipan",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "agatti",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "qcm6125",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "cve": "CVE-2020-3692",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-3692",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3692",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-3692",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3692",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-3692",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-300",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Agatti, Kamorta, Nicobar, QCM6125, QCS610, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3692"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3692",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3453",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3692",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "id": "VAR-202011-1394",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T21:03:25.183000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "October\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin"
          },
          {
            "title": "Google Android Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129901"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-android-system-flaws/159948/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3692"
          },
          {
            "trust": 1.0,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3453/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-multiple-vulnerabilities-of-october-2020-33491"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/google-android-system-flaws/159948/"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "date": "2021-06-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "date": "2020-10-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "date": "2020-11-02T07:15:14.937000",
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3692"
          },
          {
            "date": "2021-06-15T02:50:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          },
          {
            "date": "2020-11-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          },
          {
            "date": "2024-11-21T05:31:35.250000",
            "db": "NVD",
            "id": "CVE-2020-3692"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Qualcomm\u00a0 Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012912"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-300"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1297

    Vulnerability from variot - Updated: 2025-01-30 20:54

    Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1297",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "saipan",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:kamorta_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          }
        ]
      },
      "cve": "CVE-2020-3630",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3630",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006026",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-3630",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006026",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3630",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006026",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202005-075",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3630",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1591",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "id": "VAR-202006-1297",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:54:51.685000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "May 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120682"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3630"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3630"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1591/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-may-2020-32179"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "date": "2020-06-02T15:15:13.930000",
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          },
          {
            "date": "2022-03-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          },
          {
            "date": "2024-11-21T05:31:26.613000",
            "db": "NVD",
            "id": "CVE-2020-3630"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Buffer error vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006026"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-075"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0665

    Vulnerability from variot - Updated: 2025-01-30 20:40

    Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0665",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6564",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9886",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          }
        ]
      },
      "cve": "CVE-2019-14114",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14114",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015418",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14114",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015418",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14114",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015418",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-205",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14114",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "id": "VAR-202004-0665",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:40:28.069000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115465"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14114"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14114"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "date": "2020-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "date": "2020-04-16T11:15:15.260000",
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          },
          {
            "date": "2024-11-21T04:26:06.887000",
            "db": "NVD",
            "id": "CVE-2019-14114"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Integer overflow vulnerability in product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015418"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-205"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1779

    Vulnerability from variot - Updated: 2025-01-30 20:39

    Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm.

    The WLAN Host in multiple Qualcomm products has a resource management error vulnerability. No detailed vulnerability details are provided at this time

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1779",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "405"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "qca 6574au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "4019"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8064"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8074"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "qca 6174a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9377"
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9379"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8081"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8998"
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8250"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "2130"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8017"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8053"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8009"
          },
          {
            "model": "apq 8096au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8098"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8917"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8920"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8937"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8940"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8953"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "55"
          },
          {
            "model": "mdm 9207c",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7605"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          }
        ]
      },
      "cve": "CVE-2019-10536",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10536",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-03573",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-10536",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10536",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10536",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10536",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-03573",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-094",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-10536",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a double release vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm. \n\r\n\r\nThe WLAN Host in multiple Qualcomm products has a resource management error vulnerability. No detailed vulnerability details are provided at this time",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10536",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "id": "VAR-201912-1779",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          }
        ]
      },
      "last_update_date": "2025-01-30T20:39:28.307000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Resource Management Error Vulnerabilities (CNVD-2020-03573)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/198865"
          },
          {
            "title": "Multiple Qualcomm Product resource management error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105629"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-415",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10536"
          },
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10536"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/415.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "date": "2019-12-18T06:15:11.847000",
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03573"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10536"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          },
          {
            "date": "2024-11-21T04:19:23.160000",
            "db": "NVD",
            "id": "CVE-2019-10536"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Double release vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013385"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-094"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1723

    Vulnerability from variot - Updated: 2025-01-30 20:28

    Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1723",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          }
        ]
      },
      "cve": "CVE-2019-10572",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10572",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10572",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10572",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10572",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10572",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-842",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10572",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "id": "VAR-201912-1723",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:28:15.978000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105754"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10572"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10572"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "date": "2019-12-18T06:15:12.253000",
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          },
          {
            "date": "2020-06-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          },
          {
            "date": "2024-11-21T04:19:28.877000",
            "db": "NVD",
            "id": "CVE-2019-10572"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013382"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-842"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1751

    Vulnerability from variot - Updated: 2025-01-30 20:22

    Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm.

    A buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1751",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8909"
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "qca 6574au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "4019"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8064"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8074"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "qca 6174a",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9377"
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9379"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8017"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8053"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8009"
          },
          {
            "model": "apq 8096au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8098"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9615"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8917"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8920"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8937"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8939"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8940"
          },
          {
            "model": "mdm 9207c",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7605"
          },
          {
            "model": "qca",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9980"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          }
        ]
      },
      "cve": "CVE-2019-10480",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10480",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-03579",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-10480",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10480",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10480",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10480",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-03579",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-095",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 is a central processing unit (CPU) product from Qualcomm. \n\r\n\r\nA buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10480",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "id": "VAR-201912-1751",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          }
        ]
      },
      "last_update_date": "2025-01-30T20:22:19.274000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03579)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/198809"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105630"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-120",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10480"
          },
          {
            "trust": 1.2,
            "url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10480"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "date": "2019-12-18T06:15:11.017000",
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03579"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          },
          {
            "date": "2024-11-21T04:19:14.297000",
            "db": "NVD",
            "id": "CVE-2019-10480"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013362"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-095"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0664

    Vulnerability from variot - Updated: 2025-01-30 20:21

    Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0664",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6564",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9886",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          }
        ]
      },
      "cve": "CVE-2019-14113",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14113",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015417",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14113",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015417",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14113",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015417",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-208",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product is vulnerable to integer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14113",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "id": "VAR-202004-0664",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:21:47.115000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115467"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14113"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14113"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "date": "2020-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "date": "2020-04-16T11:15:15.183000",
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          },
          {
            "date": "2024-11-21T04:26:06.723000",
            "db": "NVD",
            "id": "CVE-2019-14113"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Integer overflow vulnerability in product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015417"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-208"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0676

    Vulnerability from variot - Updated: 2025-01-30 20:20

    Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0676",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6564",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9886",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca4531",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          }
        ]
      },
      "cve": "CVE-2019-14110",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14110",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015415",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14110",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015415",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14110",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015415",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-216",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14110",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "id": "VAR-202004-0676",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T20:20:06.433000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115472"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14110"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14110"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2020-31950"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "date": "2020-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "date": "2020-04-16T11:15:15.027000",
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          },
          {
            "date": "2024-11-21T04:26:06.273000",
            "db": "NVD",
            "id": "CVE-2019-14110"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015415"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-216"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1285

    Vulnerability from variot - Updated: 2025-01-30 19:54

    Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1285",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ipq6018",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6584",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq6018",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq6018_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:nicobar_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          }
        ]
      },
      "cve": "CVE-2019-10546",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10546",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014773",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10546",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014773",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10546",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-014773",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-141",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10546",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "id": "VAR-202003-1285",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T19:54:34.717000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "title": "Multiple Qualcomm product WLAN Fix for component buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111249"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10546"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10546"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "date": "2020-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "date": "2020-03-05T09:15:15.423000",
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          },
          {
            "date": "2020-03-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          },
          {
            "date": "2024-11-21T04:19:25.217000",
            "db": "NVD",
            "id": "CVE-2019-10546"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014773"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-141"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1428

    Vulnerability from variot - Updated: 2025-01-30 19:54

    Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1428",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207c",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9980",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9207c_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:nicobar_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9980_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          }
        ]
      },
      "cve": "CVE-2019-2266",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2266",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2266",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2266",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2266",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2266",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201911-1249",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2266",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "id": "VAR-201911-1428",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T19:54:31.393000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "October 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product resource management error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103614"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-415",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-416",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2266"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2266"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "date": "2019-11-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "date": "2019-11-21T15:15:15.230000",
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          },
          {
            "date": "2024-11-21T04:40:34.557000",
            "db": "NVD",
            "id": "CVE-2019-2266"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Products use free memory vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012281"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1249"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1802

    Vulnerability from variot - Updated: 2025-01-30 19:52

    Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8996AU and so on are a kind of central processing unit (CPU) products of Qualcomm of the United States.

    The WLAN Host in multiple Qualcomm products has an input validation error vulnerability that could be exploited by an attacker to access out of range when processing firmware events

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1802",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "nicobar",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "405"
          },
          {
            "model": "qca 6574au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "4019"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8064"
          },
          {
            "model": "ipq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8074"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "apq 8096au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7605"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:nicobar_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcn7605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm630_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          }
        ]
      },
      "cve": "CVE-2019-10601",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10601",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-03578",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-10601",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10601",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10601",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10601",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-03578",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-088",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-10601",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MSM8996AU and so on are a kind of central processing unit (CPU) products of Qualcomm of the United States. \n\r\n\r\nThe WLAN Host in multiple Qualcomm products has an input validation error vulnerability that could be exploited by an attacker to access out of range when processing firmware events",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10601",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "id": "VAR-201912-1802",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          }
        ]
      },
      "last_update_date": "2025-01-30T19:52:37.671000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Input Validation Error Vulnerabilities (CNVD-2020-03578)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/198883"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105624"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10601"
          },
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10601"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/129.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "date": "2019-12-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "date": "2019-12-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "date": "2019-12-18T06:15:12.567000",
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03578"
          },
          {
            "date": "2019-12-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10601"
          },
          {
            "date": "2019-12-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          },
          {
            "date": "2024-11-21T04:19:33.180000",
            "db": "NVD",
            "id": "CVE-2019-10601"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to array index verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013348"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-088"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1451

    Vulnerability from variot - Updated: 2025-01-30 19:50

    Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1451",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8064",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8064_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8917_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8920_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8937_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8940_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcn7605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs405_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          }
        ]
      },
      "cve": "CVE-2019-2304",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2304",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2304",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2304",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2304",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2304",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-085",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2304",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "id": "VAR-201912-1451",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ],
        "trust": 0.01
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T19:50:11.808000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105459"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-190",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-120",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2304"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2304"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "date": "2019-12-18T06:15:13.080000",
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          },
          {
            "date": "2024-11-21T04:40:39.803000",
            "db": "NVD",
            "id": "CVE-2019-2304"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013287"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-085"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201905-0758

    Vulnerability from variot - Updated: 2025-01-30 19:50

    Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 625, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24, SM7150. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple information-disclosure vulnerabilities 3. Multiple security-bypass vulnerabilities 4. Multiple security vulnerabilities 5. Multiple integer overflow vulnerabilities An attacker can exploit these issues to bypass certain security restrictions and to perform unauthorized actions, gain elevated privileges, obtain sensitive information or execute arbitrary code. Failed exploits may result in a denial-of-service condition. These issues are being tracked by Android Bug IDs A-79377832, A-72957385, A-109741680, A-77527719, A-109741946, A-111127853, A-111128575, A-111126050, A-111125792, A-111128301, A-111128420, A-111128838, A-111128797, A-111128421, A-111128578, A-111127989, A-111128877, A-111128841, A-111126532, A-112277221, A-112276863, A-112278150, A-112277910, A-112277186, A-112278861, A-112277891, A-112278405, A-112277852, A-120487136*. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; MSM8996AU; QCA6174A; QCA6574AU; 670; SD 820; SD 820A; SD 845; SD 850; SD 855; SDX20; SDX24; SM7150

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0758",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "qca9379",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6174a",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9377",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca9379",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "107770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6174a_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9377_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca9379_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "107770"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-11927",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-11927",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-121835",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-11927",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-11927",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-11927",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201904-114",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-121835",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-11927",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 625, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24, SM7150. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Google Android is prone to the following security vulnerabilities:\n1. Multiple buffer-overflow vulnerabilities\n2. Multiple information-disclosure vulnerabilities\n3. Multiple security-bypass vulnerabilities\n4. Multiple security vulnerabilities\n5. Multiple integer overflow vulnerabilities\nAn attacker can exploit these issues to bypass certain security  restrictions and to perform unauthorized actions, gain elevated  privileges, obtain sensitive information or execute arbitrary code.  Failed exploits may result in a denial-of-service condition. \nThese issues are being tracked by Android Bug IDs A-79377832,  A-72957385, A-109741680, A-77527719, A-109741946, A-111127853,  A-111128575, A-111126050, A-111125792, A-111128301, A-111128420,  A-111128838, A-111128797, A-111128421, A-111128578, A-111127989,  A-111128877, A-111128841, A-111126532, A-112277221, A-112276863,  A-112278150, A-112277910, A-112277186, A-112278861, A-112277891,  A-112278405, A-112277852, A-120487136*. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. An input validation error vulnerability exists in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; MSM8996AU; QCA6174A; QCA6574AU; 670; SD 820; SD 820A; SD 845; SD 850; SD 855; SDX20; SDX24; SM7150",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "BID",
            "id": "107770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-11927",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "107770",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114",
            "trust": 0.7
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "db": "BID",
            "id": "107770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "id": "VAR-201905-0758",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          }
        ],
        "trust": 0.02
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "SoC",
            "trust": 0.1
          },
          {
            "category": [
              "other device",
              "embedded device"
            ],
            "sub_category": "general",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          }
        ]
      },
      "last_update_date": "2025-01-30T19:50:10.482000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "April 2019 Code Aurora Security Bulletin",
            "trust": 0.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "title": "Android WLAN HOST Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91033"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin\u2014April 2019",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=cd95df8ce79ebdc8577685322caeeedf"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.codeaurora.org/security-bulletin/2019/04/01/april-2019-code-aurora-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11927"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11927"
          },
          {
            "trust": 0.7,
            "url": "http://www.securityfocus.com/bid/107770"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2019-28925"
          },
          {
            "trust": 0.4,
            "url": "https://source.android.com/security/bulletin/2019-04-01.html"
          },
          {
            "trust": 0.3,
            "url": "http://code.google.com/android/"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/129.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "db": "BID",
            "id": "107770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "db": "BID",
            "id": "107770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "date": "2019-05-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "date": "2019-04-01T00:00:00",
            "db": "BID",
            "id": "107770"
          },
          {
            "date": "2019-06-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "date": "2019-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "date": "2019-05-24T17:29:01.287000",
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-121835"
          },
          {
            "date": "2019-05-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-11927"
          },
          {
            "date": "2019-04-01T00:00:00",
            "db": "BID",
            "id": "107770"
          },
          {
            "date": "2019-06-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          },
          {
            "date": "2019-05-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          },
          {
            "date": "2024-11-21T03:44:15.950000",
            "db": "NVD",
            "id": "CVE-2018-11927"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to array index verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015513"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-114"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-1493

    Vulnerability from variot - Updated: 2024-11-23 23:11

    While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm MSM8996AU, etc. are all a central processing unit (CPU) product of Qualcomm.

    HLOS Data in many Qualcomm products has a resource management error vulnerability. Local attackers can use this vulnerability to execute arbitrary code or cause a denial of service by sending a specially crafted request

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1493",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8905_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8917_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8920_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8937_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8939_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          }
        ]
      },
      "cve": "CVE-2019-10548",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10548",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-41778",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-10548",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10548",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10548",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10548",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-41778",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-207",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-10548",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm MSM8996AU, etc. are all a central processing unit (CPU) product of Qualcomm. \n\r\n\r\nHLOS Data in many Qualcomm products has a resource management error vulnerability. Local attackers can use this vulnerability to execute arbitrary code or cause a denial of service by sending a specially crafted request",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10548",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "id": "VAR-202001-1493",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:35.031000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "January 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
          },
          {
            "title": "Patch for Resource management error vulnerabilities in multiple Qualcomm products (CNVD-2020-41778)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/226747"
          },
          {
            "title": "Multiple Qualcomm Product resource management error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108335"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10548"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10548"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2020-31267"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/416.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "date": "2020-01-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "date": "2020-01-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "date": "2020-01-21T07:15:11.353000",
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-41778"
          },
          {
            "date": "2020-01-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-10548"
          },
          {
            "date": "2020-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          },
          {
            "date": "2020-05-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          },
          {
            "date": "2024-11-21T04:19:25.520000",
            "db": "NVD",
            "id": "CVE-2019-10548"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Products use free memory vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014198"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-207"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1265

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SDA660 is a central processing unit (CPU) product.

    The Data Modem in many Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the wrong read and write operations to other associated memory locations. , An attacker can use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1265",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          }
        ]
      },
      "cve": "CVE-2019-10586",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10586",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014809",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20198",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10586",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014809",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10586",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-014809",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20198",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-129",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SDA660 is a central processing unit (CPU) product. \n\r\n\r\nThe Data Modem in many Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the wrong read and write operations to other associated memory locations. , An attacker can use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10586",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "id": "VAR-202003-1265",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:32.409000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm products Data Modem buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211545"
          },
          {
            "title": "Multiple Qualcomm product Data Modem Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111590"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10586"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10586"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "date": "2020-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "date": "2020-03-05T09:15:15.923000",
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20198"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          },
          {
            "date": "2020-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          },
          {
            "date": "2024-11-21T04:19:30.760000",
            "db": "NVD",
            "id": "CVE-2019-10586"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014809"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-129"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-1184

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a vulnerability related to the use of released memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9205 and so on are a kind of central processing unit (CPU) products of Qualcomm of the United States.

    QTEE in multiple Qualcomm products has a resource management error vulnerability. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. An attacker could use this vulnerability to cause Trustzone to perform arbitrary memory reads

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-1184",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm 670",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm 6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm 7150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9205"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "404"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "2130"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "55"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs404_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm670_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm_710_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdx55_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sm6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sm7150_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          }
        ]
      },
      "cve": "CVE-2019-2329",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-2329",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-16061",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-2329",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-2329",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-2329",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-2329",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-16061",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201910-317",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130. plural Snapdragon The product contains a vulnerability related to the use of released memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9205 and so on are a kind of central processing unit (CPU) products of Qualcomm of the United States. \n\r\n\r\nQTEE in multiple Qualcomm products has a resource management error vulnerability. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. An attacker could use this vulnerability to cause Trustzone to perform arbitrary memory reads",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-2329",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "id": "VAR-201911-1184",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:12.754000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "October 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Resource Management Error Vulnerabilities (CNVD-2020-16061)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/207831"
          },
          {
            "title": "Multiple Qualcomm Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99021"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-2329"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2329"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-october-2019-30549"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "date": "2019-11-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "date": "2019-10-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "date": "2019-11-21T15:15:16.307000",
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-16061"
          },
          {
            "date": "2019-11-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          },
          {
            "date": "2019-12-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          },
          {
            "date": "2024-11-21T04:40:43.497000",
            "db": "NVD",
            "id": "CVE-2019-2329"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability in using freed memory in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012274"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-317"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1267

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. MSM8917 is a central processing unit (CPU) product.

    The Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1267",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "apq8009",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          }
        ]
      },
      "cve": "CVE-2019-10554",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10554",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.4,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014821",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20195",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10554",
                "impactScore": 5.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014821",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10554",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-014821",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20195",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-135",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. MSM8917 is a central processing unit (CPU) product. \n\r\n\r\nThe Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10554",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "id": "VAR-202003-1267",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:04.260000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm product buffer overflow vulnerabilities (CNVD-2020-20195)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211587"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111594"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10554"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10554"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "date": "2020-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "date": "2020-03-05T09:15:15.733000",
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20195"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          },
          {
            "date": "2020-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          },
          {
            "date": "2024-11-21T04:19:26.453000",
            "db": "NVD",
            "id": "CVE-2019-10554"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Out-of-bounds read vulnerabilities in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014821"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-135"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202009-1283

    Vulnerability from variot - Updated: 2024-11-23 23:07

    u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202009-1283",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs404",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "saipan",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "bitra",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "bitra",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "kamorta",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "cve": "CVE-2020-3621",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3621",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-3621",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-3621",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3621",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-3621",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-074",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027Lack of check to ensure that the TX read index \u0026 RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a buffer error vulnerability.Information may be obtained",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3621",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "id": "VAR-202009-1283",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.2491935133333333
      },
      "last_update_date": "2024-11-23T23:07:49.152000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "August\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin"
          },
          {
            "title": "Multiple Qualcomm Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125407"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3621"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2020-33285"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-02-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "date": "2020-08-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "date": "2020-09-08T10:15:15.107000",
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-02-01T08:35:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          },
          {
            "date": "2020-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          },
          {
            "date": "2024-11-21T05:31:25.493000",
            "db": "NVD",
            "id": "CVE-2020-3621"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Snapdragon\u00a0 Buffer error vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010700"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-074"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202011-1239

    Vulnerability from variot - Updated: 2024-11-23 23:07

    u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA415M, SA6145P, SA6150P, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8350, SM8350P, SXR1120, SXR1130. plural Qualcomm The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1239",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx50m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8208",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8608",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8037",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8195p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6115",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm1000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8209",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8350p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qsm8350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm455",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180xp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6115p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs4290",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6145p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8155",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm4290",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9628",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1120",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs603",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8108",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8037",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "cve": "CVE-2020-3639",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-3639",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-3639",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-3639",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3639",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-3639",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202011-159",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA415M, SA6145P, SA6150P, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8350, SM8350P, SXR1120, SXR1130. plural Qualcomm The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3639",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "id": "VAR-202011-1239",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.2491935133333333
      },
      "last_update_date": "2024-11-23T23:07:46.637000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "November\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-security-bulletin"
          },
          {
            "title": "data modem Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134016"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-129",
            "trust": 1.0
          },
          {
            "problemtype": "Improper validation of array indexes (CWE-129) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3639"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-november-2020-33773"
          },
          {
            "trust": 0.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-security-bulletin"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "date": "2020-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "date": "2020-11-12T10:15:13.420000",
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-06-21T09:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          },
          {
            "date": "2021-07-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          },
          {
            "date": "2024-11-21T05:31:27.643000",
            "db": "NVD",
            "id": "CVE-2020-3639"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Qualcomm\u00a0 Product index validation vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013215"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-159"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0779

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an authorization vulnerability.Information may be obtained. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A race condition vulnerability exists in several Qualcomm products. The vulnerability stems from the improper handling of concurrent access when concurrent codes need to access shared resources mutually exclusive during the running of the network system or product. The following products and versions are affected: IPQ4019; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9615; MDM9635M; MDM9640; MDM9650; MDM9655; MSM8909W; 12; SD 425; SD 427; SD 430; SD 435; SD 439; SD 429; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 710; SD 670; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855; SD 8CX;

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0779",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 427",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qc 215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 616",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca8081",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 435",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 8cx",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 415",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 212",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 652",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "snapdragon high med 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 412",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 430",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 210",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq4019",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "ipq8074",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq4019_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:ipq8074_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9635m_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9640_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9655_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          }
        ]
      },
      "cve": "CVE-2017-8252",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-8252",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-116455",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-8252",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-8252",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-8252",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201704-1433",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-116455",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-8252",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130. plural Snapdragon The product contains an authorization vulnerability.Information may be obtained. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. A race condition vulnerability exists in several Qualcomm products. The vulnerability stems from the improper handling of concurrent access when concurrent codes need to access shared resources mutually exclusive during the running of the network system or product. The following products and versions are affected: IPQ4019; IPQ8074; MDM9150; MDM9206; MDM9607; MDM9615; MDM9635M; MDM9640; MDM9650; MDM9655; MSM8909W; 12; SD 425; SD 427; SD 430; SD 435; SD 439; SD 429; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 710; SD 670; SD 820; SD 820A; SD 835; SD 845; SD 850; SD 855; SD 8CX;",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-8252",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-116455",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "id": "VAR-201906-0779",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:04:46.360000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Android Qualcomm EcoSystem Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89827"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin \u2014 March 2019",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=e9cddeba5732c8294d7cd6c4b6f1170b"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-bluetooth-rce/142685/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-285",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-8252"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8252"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2019-28664"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/285.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2019-03-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/google-critical-bluetooth-rce/142685/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "date": "2019-06-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "date": "2017-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "date": "2019-06-14T17:29:00.220000",
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-06-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-116455"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-8252"
          },
          {
            "date": "2019-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          },
          {
            "date": "2019-06-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          },
          {
            "date": "2024-11-21T03:33:37.793000",
            "db": "NVD",
            "id": "CVE-2017-8252"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Authorization vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014511"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-1433"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1268

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. APQ8017 is a central processing unit (CPU) product.

    The Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that when decoding the Service Reject/RAU Reject/PTMSI Realloc cmd, the program fails to perform the correct length check. The attacker can use a special request Use the vulnerability to obtain sensitive information or cause denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1268",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          }
        ]
      },
      "cve": "CVE-2019-10552",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10552",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.4,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014819",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20203",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10552",
                "impactScore": 5.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014819",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10552",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-014819",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20203",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-134",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. APQ8017 is a central processing unit (CPU) product. \n\r\n\r\nThe Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that when decoding the Service Reject/RAU Reject/PTMSI Realloc cmd, the program fails to perform the correct length check. The attacker can use a special request Use the vulnerability to obtain sensitive information or cause denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10552",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "id": "VAR-202003-1268",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:30.092000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm product buffer overflow vulnerabilities (CNVD-2020-20203)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211585"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111593"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10552"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10552"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "date": "2020-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "date": "2020-03-05T09:15:15.610000",
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20203"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          },
          {
            "date": "2020-03-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          },
          {
            "date": "2024-11-21T04:19:26.123000",
            "db": "NVD",
            "id": "CVE-2019-10552"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Out-of-bounds read vulnerabilities in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014819"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-134"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1800

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and so on are the products of American Qualcomm. MDM9607 is a central processing unit (CPU) product. MSM8996AU is a central processing unit (CPU) product. QCA6574AU is a central processing unit (CPU) product.

    A buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1800",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qca6574au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcn7605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "qca 6574au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8053"
          },
          {
            "model": "apq 8096au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "55"
          },
          {
            "model": "qcn",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7605"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8996au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qca6574au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcn7605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda660_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sda845_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sdm630_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          }
        ]
      },
      "cve": "CVE-2019-10598",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10598",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-03577",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-10598",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10598",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10598",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10598",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-03577",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-090",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9607 and so on are the products of American Qualcomm. MDM9607 is a central processing unit (CPU) product. MSM8996AU is a central processing unit (CPU) product. QCA6574AU is a central processing unit (CPU) product. \n\r\n\r\nA buffer overflow vulnerability exists in the WLAN Host in multiple Qualcomm products. The vulnerability stems from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to associated other memory locations An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10598",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "id": "VAR-201912-1800",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:27.366000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03577)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/198881"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105626"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10598"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10598"
          },
          {
            "trust": 0.6,
            "url": "https://source.android.google.cn/security/bulletin/2019-12-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "date": "2019-12-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "date": "2019-12-18T06:15:12.440000",
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-03577"
          },
          {
            "date": "2019-12-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          },
          {
            "date": "2024-11-21T04:19:32.823000",
            "db": "NVD",
            "id": "CVE-2019-10598"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Classic buffer overflow vulnerability in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013350"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-090"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202011-0122

    Vulnerability from variot - Updated: 2024-11-23 22:58

    u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330. plural Qualcomm The product contains unspecified vulnerabilities.Information may be obtained

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202011-0122",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx50m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8208",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8608",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8108",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "wcd9330",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs610",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm8207",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8037",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7225",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm830",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs410",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8195p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6115",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa415m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7125",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm1000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qsm8250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8209",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8350p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm4250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qsm8350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc7180",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm455",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs405",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180xp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr2130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8064au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6115p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9207",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa515m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096sg",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6155",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs4290",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9250",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa6145p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sa8155",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm4290",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9628",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6250p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdw2500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1120",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs603",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996sg",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8064au",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8037",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          },
          {
            "model": "apq8009w",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30af\u30a2\u30eb\u30b3\u30e0",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "cve": "CVE-2020-11123",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-11123",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-11123",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-11123",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-11123",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-11123",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202011-158",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-11123",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "u\u0027information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330. plural Qualcomm The product contains unspecified vulnerabilities.Information may be obtained",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-11123"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-11123",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-11123",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "id": "VAR-202011-0122",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.2491935133333333
      },
      "last_update_date": "2024-11-23T22:58:07.545000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "November\u00a02020\u00a0Security\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-security-bulletin"
          },
          {
            "title": "Qualcomm HLOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134479"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "Other (CWE-Other) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11123"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-november-2020-33773"
          },
          {
            "trust": 0.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-security-bulletin"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "date": "2021-06-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "date": "2020-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "date": "2020-11-12T10:15:12",
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-11123"
          },
          {
            "date": "2021-06-21T09:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          },
          {
            "date": "2020-11-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          },
          {
            "date": "2024-11-21T04:56:51.790000",
            "db": "NVD",
            "id": "CVE-2020-11123"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Qualcomm\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-013193"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-158"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201904-0544

    Vulnerability from variot - Updated: 2024-11-23 22:51

    kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDX24, SM7150. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SD 425 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in the PMIC Modules of several Qualcomm products. The vulnerability is caused by the fact that the length of the received message returned by the kernel is longer than expected. An attacker could exploit this vulnerability to execute code or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0544",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sd 632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 835",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 675",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 820a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 855",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 712",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "215",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 425",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 429",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sd 439",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9650_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:msm8909w_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qcs605_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:qualcomm_215_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_425_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_429_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:sd_439_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          }
        ]
      },
      "cve": "CVE-2018-13918",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-13918",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-124025",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-13918",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-13918",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-13918",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201903-124",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-124025",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-13918",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDX24, SM7150. plural Snapdragon The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. SD 425 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in the PMIC Modules of several Qualcomm products. The vulnerability is caused by the fact that the length of the received message returned by the kernel is longer than expected. An attacker could exploit this vulnerability to execute code or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-13918",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-124025",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "id": "VAR-201904-0544",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:51:50.465000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2019 Qualcomm Technologies, Inc. Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89794"
          },
          {
            "title": "Android Security Bulletins: Android Security Bulletin \u2014 March 2019",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=e9cddeba5732c8294d7cd6c4b6f1170b"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13918"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13918"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2019-28664"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://source.android.com/security/bulletin/2019-03-01.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-04-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "date": "2019-04-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "date": "2019-05-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "date": "2019-03-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "date": "2019-04-04T15:29:00.923000",
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-124025"
          },
          {
            "date": "2019-05-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-13918"
          },
          {
            "date": "2019-05-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          },
          {
            "date": "2019-05-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          },
          {
            "date": "2024-11-21T03:48:20.217000",
            "db": "NVD",
            "id": "CVE-2018-13918"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Product buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015208"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201903-124"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-1785

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product.

    A buffer overflow vulnerability exists in WCDMA in several Qualcomm products. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1785",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.8,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8909"
          },
          {
            "model": "msm 8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "605"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "439"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "630"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "660"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "24"
          },
          {
            "model": "msm 8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "20"
          },
          {
            "model": "sxr",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "1130"
          },
          {
            "model": "apq 8096au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8098"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8998"
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8180x"
          },
          {
            "model": "sda",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "636"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "670"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "710"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "845"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "850"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "6150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "7150"
          },
          {
            "model": "sm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8150"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8905"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8917"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8920"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8937"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8939"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8940"
          },
          {
            "model": "msm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8953"
          },
          {
            "model": "qcm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "marwel",
            "version": "2150"
          },
          {
            "model": "qm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "215"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "429"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "450"
          },
          {
            "model": "sdm",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "632"
          },
          {
            "model": "sdx",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "55"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8009"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8017"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8053"
          },
          {
            "model": "apq",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "8096"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9150"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9206"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9607"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9615"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9625"
          },
          {
            "model": "mdm9150 9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9640"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9645"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9650"
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": "9655"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9615_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          }
        ]
      },
      "cve": "CVE-2019-10525",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10525",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-16052",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10525",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-10525",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10525",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-10525",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-16052",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-100",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. \n\r\n\r\nA buffer overflow vulnerability exists in WCDMA in several Qualcomm products. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10525",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "id": "VAR-201912-1785",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:32.186000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "December 2019 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-16052)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/207801"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105635"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10525"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10525"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "date": "2019-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "date": "2019-12-18T06:15:11.783000",
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-16052"
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          },
          {
            "date": "2024-11-21T04:19:21.340000",
            "db": "NVD",
            "id": "CVE-2019-10525"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Vulnerability related to out-of-bounds writing in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013384"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-100"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1269

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. QCS605 is a central processing unit (CPU) product.

    The Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1269",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdm9206",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": null,
            "trust": 1.4,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8053",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9607",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9206",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8009",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8098",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8096",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "apq8017",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9205",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8996au",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx20",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm439",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm630",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm632",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm636",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda660",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sda845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sxr1130",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9615",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9625",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9635m",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9645",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9650",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9655",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "mdm9640",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcs605",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx24",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "nicobar",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm7150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm670",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm8150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm429w",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8917",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8920",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8937",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8940",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8953",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sc8180x",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm450",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdx55",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8905",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8909",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8998",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qm215",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "rennell",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "qcm2150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm710",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm845",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sdm850",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "sm6150",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          },
          {
            "model": "msm8939",
            "scope": null,
            "trust": 0.6,
            "vendor": "qualcomm",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          }
        ]
      },
      "cve": "CVE-2019-10553",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-10553",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.4,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014820",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-20196",
                "impactScore": 9.2,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-10553",
                "impactScore": 5.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-014820",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-10553",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-014820",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-20196",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-136",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. QCS605 is a central processing unit (CPU) product. \n\r\n\r\nThe Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that the network system or product performs an operation on the memory and does not correctly verify the data boundary, resulting in the execution of the wrong memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-10553",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "id": "VAR-202003-1269",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:28.209000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "March 2020 Security Bulletin",
            "trust": 0.8,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "title": "Patch for Multiple Qualcomm product buffer overflow vulnerabilities (CNVD-2020-20196)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/211589"
          },
          {
            "title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111595"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10553"
          },
          {
            "trust": 1.6,
            "url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10553"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "date": "2020-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "date": "2020-03-05T09:15:15.673000",
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-20196"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          },
          {
            "date": "2020-04-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          },
          {
            "date": "2024-11-21T04:19:26.283000",
            "db": "NVD",
            "id": "CVE-2019-10553"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Snapdragon Out-of-bounds read vulnerabilities in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-014820"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-136"
          }
        ],
        "trust": 0.6
      }
    }