10
CVE-2017-18129
- EPSS 0.22%
- Published 11.04.2018 15:29:00
- Last modified 21.11.2024 03:19:24
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains.
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Msm8996 Firmware Version-
Qualcomm ≫ Msm8998 Firmware Version-
Qualcomm ≫ Sd 845 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.414 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.