CVE-2018-11993

EPSS 0.19%
Published 18.01.2019 22:29:00
Last modified 21.11.2024 03:44:22
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.372

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-11993

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11993

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11993

EUVD