9.1
CVE-2018-11932
- EPSS 0.22%
- Veröffentlicht 25.02.2019 22:29:02
- Zuletzt bearbeitet 21.11.2024 03:44:16
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Mdm9655 Firmware Version-
Qualcomm ≫ Msm8996au Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Sd 410 Firmware Version-
Qualcomm ≫ Sd 12 Firmware Version-
Qualcomm ≫ Sd 615 Firmware Version-
Qualcomm ≫ Sd 16 Firmware Version-
Qualcomm ≫ Sd 415 Firmware Version-
Qualcomm ≫ Sd 675 Firmware Version-
Qualcomm ≫ Sd 712 Firmware Version-
Qualcomm ≫ Sd 710 Firmware Version-
Qualcomm ≫ Sd 670 Firmware Version-
Qualcomm ≫ Sd 820 Firmware Version-
Qualcomm ≫ Sd 820a Firmware Version-
Qualcomm ≫ Sd 835 Firmware Version-
Qualcomm ≫ Sd 845 Firmware Version-
Qualcomm ≫ Sd 850 Firmware Version-
Qualcomm ≫ Sd 8cx Firmware Version-
Qualcomm ≫ Sxr1130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.417 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.