BDU:2025-05525

Vulnerability from fstec - Published: 03.02.2025
VLAI Severity ?
Title
Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm, связанная с возможностью использования памяти после освобождения, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm связана с возможностью использования памяти после освобождения. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код
Severity ?
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vendor
Qualcomm Technologies Inc.
Software Name
WCD9380, WSA8830, WSA8835, AR8035, Snapdragon X65 5G Modem-RF System, Qualcomm® Video Collaboration VC3 Platform, Snapdragon X75 5G Modem-RF System, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9554, IPQ9570, QCA9889, QCF8000, QCF8001, QCN5024, QCN5124, QCN5154, QCN5164, QCN6112, QCN6122, QCN6132, QCN9100, SDX65M, IPQ9008, IPQ9574, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6678AQ, QCA9888, QCN9022, IPQ5302, IPQ5312, QCN6402, QCN6412, QCN6432, Snapdragon 8 Gen 3 Mobile Platform, IPQ5300, Snapdragon X72 5G Modem-RF System, SXR2250P, QCA6777AQ, QCA6787AQ, QCN9160, QCS9100, QXM8083, SM8750, SM8750P, WCN7860, WCN7861, WCN7880, WCN7881, FastConnect 6900, FastConnect 7800, WCD9370, WCD9390, WCD9395, WSA8832, WSA8840, WSA8845, WSA8845H, CSR8811, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ9048, QAM8255P, QAM8650P, QAM8775P, QCA4024, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCC710, QCF8000SFP, QCM5430, QCM6490, QCM8550, QCN5022, QCN5052, QCN5122, QCN5152, QCN6023, QCN6024, QCN6224, QCN6274, QCN9000, QCN9012, QCN9024, QCN9070, QCN9072, QCN9074, QCN9274, QCS5430, QCS6490, QCS8550, QFW7114, QFW7124, SA6155P, SA8155P, SA8195P, SDX55, SM6650, SM7635, SM7675, SM7675P, SM8635, SM8635P, SXR2230P, SXR2330P, WCD9340, WCD9375, WCD9378, WCD9385, WCN6450, WCN6650, WCN6755, QCS615, QCS8300
Software Version
- (WCD9380), - (WSA8830), - (WSA8835), - (AR8035), - (Snapdragon X65 5G Modem-RF System), - (Qualcomm® Video Collaboration VC3 Platform), - (Snapdragon X75 5G Modem-RF System), - (Immersive Home 214 Platform), - (Immersive Home 216 Platform), - (Immersive Home 316 Platform), - (Immersive Home 318 Platform), - (Immersive Home 3210 Platform), - (Immersive Home 326 Platform), - (IPQ5010), - (IPQ5028), - (IPQ5332), - (IPQ8070A), - (IPQ8071A), - (IPQ8072A), - (IPQ8074A), - (IPQ8076), - (IPQ8076A), - (IPQ8078), - (IPQ8078A), - (IPQ8173), - (IPQ8174), - (IPQ9554), - (IPQ9570), - (QCA9889), - (QCF8000), - (QCF8001), - (QCN5024), - (QCN5124), - (QCN5154), - (QCN5164), - (QCN6112), - (QCN6122), - (QCN6132), - (QCN9100), - (SDX65M), - (IPQ9008), - (IPQ9574), - (QCA6554A), - (QCA6564AU), - (QCA6574), - (QCA6574A), - (QCA6574AU), - (QCA6584AU), - (QCA6678AQ), - (QCA9888), - (QCN9022), - (IPQ5302), - (IPQ5312), - (QCN6402), - (QCN6412), - (QCN6432), - (Snapdragon 8 Gen 3 Mobile Platform), - (IPQ5300), - (Snapdragon X72 5G Modem-RF System), - (SXR2250P), - (QCA6777AQ), - (QCA6787AQ), - (QCN9160), - (QCS9100), - (QXM8083), - (SM8750), - (SM8750P), - (WCN7860), - (WCN7861), - (WCN7880), - (WCN7881), - (FastConnect 6900), - (FastConnect 7800), - (WCD9370), - (WCD9390), - (WCD9395), - (WSA8832), - (WSA8840), - (WSA8845), - (WSA8845H), - (CSR8811), - (IPQ6000), - (IPQ6010), - (IPQ6018), - (IPQ6028), - (IPQ9048), - (QAM8255P), - (QAM8650P), - (QAM8775P), - (QCA4024), - (QCA6595), - (QCA6595AU), - (QCA6696), - (QCA6698AQ), - (QCA6797AQ), - (QCA8075), - (QCA8081), - (QCA8082), - (QCA8084), - (QCA8085), - (QCA8337), - (QCA8386), - (QCC710), - (QCF8000SFP), - (QCM5430), - (QCM6490), - (QCM8550), - (QCN5022), - (QCN5052), - (QCN5122), - (QCN5152), - (QCN6023), - (QCN6024), - (QCN6224), - (QCN6274), - (QCN9000), - (QCN9012), - (QCN9024), - (QCN9070), - (QCN9072), - (QCN9074), - (QCN9274), - (QCS5430), - (QCS6490), - (QCS8550), - (QFW7114), - (QFW7124), - (SA6155P), - (SA8155P), - (SA8195P), - (SDX55), - (SM6650), - (SM7635), - (SM7675), - (SM7675P), - (SM8635), - (SM8635P), - (SXR2230P), - (SXR2330P), - (WCD9340), - (WCD9375), - (WCD9378), - (WCD9385), - (WCN6450), - (WCN6650), - (WCN6755), - (QCS615), - (QCS8300)
Possible Mitigations
Использование рекомендаций: https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html
Reference
https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn/-/commit/f271254670f63795a5bf8b7099199b001c20ea68
CWE
CWE-416
To clipboard 

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Qualcomm Technologies Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (WCD9380), - (WSA8830), - (WSA8835), - (AR8035), - (Snapdragon X65 5G Modem-RF System), - (Qualcomm\u00ae Video Collaboration VC3 Platform), - (Snapdragon X75 5G Modem-RF System), - (Immersive Home 214 Platform), - (Immersive Home 216 Platform), - (Immersive Home 316 Platform), - (Immersive Home 318 Platform), - (Immersive Home 3210 Platform), - (Immersive Home 326 Platform), - (IPQ5010), - (IPQ5028), - (IPQ5332), - (IPQ8070A), - (IPQ8071A), - (IPQ8072A), - (IPQ8074A), - (IPQ8076), - (IPQ8076A), - (IPQ8078), - (IPQ8078A), - (IPQ8173), - (IPQ8174), - (IPQ9554), - (IPQ9570), - (QCA9889), - (QCF8000), - (QCF8001), - (QCN5024), - (QCN5124), - (QCN5154), - (QCN5164), - (QCN6112), - (QCN6122), - (QCN6132), - (QCN9100), - (SDX65M), - (IPQ9008), - (IPQ9574), - (QCA6554A), - (QCA6564AU), - (QCA6574), - (QCA6574A), - (QCA6574AU), - (QCA6584AU), - (QCA6678AQ), - (QCA9888), - (QCN9022), - (IPQ5302), - (IPQ5312), - (QCN6402), - (QCN6412), - (QCN6432), - (Snapdragon 8 Gen 3 Mobile Platform), - (IPQ5300), - (Snapdragon X72 5G Modem-RF System), - (SXR2250P), - (QCA6777AQ), - (QCA6787AQ), - (QCN9160), - (QCS9100), - (QXM8083), - (SM8750), - (SM8750P), - (WCN7860), - (WCN7861), - (WCN7880), - (WCN7881), - (FastConnect 6900), - (FastConnect 7800), - (WCD9370), - (WCD9390), - (WCD9395), - (WSA8832), - (WSA8840), - (WSA8845), - (WSA8845H), - (CSR8811), - (IPQ6000), - (IPQ6010), - (IPQ6018), - (IPQ6028), - (IPQ9048), - (QAM8255P), - (QAM8650P), - (QAM8775P), - (QCA4024), - (QCA6595), - (QCA6595AU), - (QCA6696), - (QCA6698AQ), - (QCA6797AQ), - (QCA8075), - (QCA8081), - (QCA8082), - (QCA8084), - (QCA8085), - (QCA8337), - (QCA8386), - (QCC710), - (QCF8000SFP), - (QCM5430), - (QCM6490), - (QCM8550), - (QCN5022), - (QCN5052), - (QCN5122), - (QCN5152), - (QCN6023), - (QCN6024), - (QCN6224), - (QCN6274), - (QCN9000), - (QCN9012), - (QCN9024), - (QCN9070), - (QCN9072), - (QCN9074), - (QCN9274), - (QCS5430), - (QCS6490), - (QCS8550), - (QFW7114), - (QFW7124), - (SA6155P), - (SA8155P), - (SA8195P), - (SDX55), - (SM6650), - (SM7635), - (SM7675), - (SM7675P), - (SM8635), - (SM8635P), - (SXR2230P), - (SXR2330P), - (WCD9340), - (WCD9375), - (WCD9378), - (WCD9385), - (WCN6450), - (WCN6650), - (WCN6755), - (QCS615), - (QCS8300)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.05.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.05.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-05525",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-45571",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "WCD9380, WSA8830, WSA8835, AR8035, Snapdragon X65 5G Modem-RF System, Qualcomm\u00ae Video Collaboration VC3 Platform, Snapdragon X75 5G Modem-RF System, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9554, IPQ9570, QCA9889, QCF8000, QCF8001, QCN5024, QCN5124, QCN5154, QCN5164, QCN6112, QCN6122, QCN6132, QCN9100, SDX65M, IPQ9008, IPQ9574, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6678AQ, QCA9888, QCN9022, IPQ5302, IPQ5312, QCN6402, QCN6412, QCN6432, Snapdragon 8 Gen 3 Mobile Platform, IPQ5300, Snapdragon X72 5G Modem-RF System, SXR2250P, QCA6777AQ, QCA6787AQ, QCN9160, QCS9100, QXM8083, SM8750, SM8750P, WCN7860, WCN7861, WCN7880, WCN7881, FastConnect 6900, FastConnect 7800, WCD9370, WCD9390, WCD9395, WSA8832, WSA8840, WSA8845, WSA8845H, CSR8811, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ9048, QAM8255P, QAM8650P, QAM8775P, QCA4024, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCC710, QCF8000SFP, QCM5430, QCM6490, QCM8550, QCN5022, QCN5052, QCN5122, QCN5152, QCN6023, QCN6024, QCN6224, QCN6274, QCN9000, QCN9012, QCN9024, QCN9070, QCN9072, QCN9074, QCN9274, QCS5430, QCS6490, QCS8550, QFW7114, QFW7124, SA6155P, SA8155P, SA8195P, SDX55, SM6650, SM7635, SM7675, SM7675P, SM8635, SM8635P, SXR2230P, SXR2330P, WCD9340, WCD9375, WCD9378, WCD9385, WCN6450, WCN6650, WCN6755, QCS615, QCS8300",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043b\u0430\u0442 Qualcomm, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043b\u0430\u0442 Qualcomm \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html\nhttps://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn/-/commit/f271254670f63795a5bf8b7099199b001c20ea68",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.