10

CVE-2015-9196

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommFsm9055 Firmware Version-
   QualcommFsm9055 Version-
QualcommMdm9635m Firmware Version-
   QualcommMdm9635m Version-
QualcommSd 400 Firmware Version-
   QualcommSd 400 Version-
QualcommSd 800 Firmware Version-
   QualcommSd 800 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.54% 0.716
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://source.android.com/security/bulletin/2018-04-01
Vendor Advisory
http://www.securityfocus.com/bid/103671
Third Party Advisory
VDB Entry