CVE-2018-11993

EPSS 0.19%
Veröffentlicht 18.01.2019 22:29:00
Zuletzt bearbeitet 21.11.2024 03:44:22
Quelle product-security@qualcomm.com
CVE-Watchlists
Login
Unerledigt
Login

Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.406

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-11993

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11993

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11993

EUVD