CVE-2018-12012

EPSS 0.03%
Veröffentlicht 24.05.2019 17:29:01
Zuletzt bearbeitet 21.11.2024 03:44:24
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

While updating blacklisting region shared buffered memory region is not validated against newly updated black list, causing boot-up to be compromised in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SXR1130

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Mdm9655 Firmware Version-

Qualcomm ≫ Mdm9655 Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Sd 210 Firmware Version-

Qualcomm ≫ Sd 210 Version-

Qualcomm ≫ Sd 212 Firmware Version-

Qualcomm ≫ Sd 212 Version-

Qualcomm ≫ Sd 205 Firmware Version-

Qualcomm ≫ Sd 205 Version-

Qualcomm ≫ Sd 410 Firmware Version-

Qualcomm ≫ Sd 410 Version-

Qualcomm ≫ Sd 412 Firmware Version-

Qualcomm ≫ Sd 412 Version-

Qualcomm ≫ Sd 615 Firmware Version-

Qualcomm ≫ Sd 615 Version-

Qualcomm ≫ Sd 616 Firmware Version-

Qualcomm ≫ Sd 616 Version-

Qualcomm ≫ Sd 415 Firmware Version-

Qualcomm ≫ Sd 415 Version-

Qualcomm ≫ Sd 712 Firmware Version-

Qualcomm ≫ Sd 712 Version-

Qualcomm ≫ Sd 710 Firmware Version-

Qualcomm ≫ Sd 710 Version-

Qualcomm ≫ Sd 670 Firmware Version-

Qualcomm ≫ Sd 670 Version-

Qualcomm ≫ Sd 835 Firmware Version-

Qualcomm ≫ Sd 835 Version-

Qualcomm ≫ Sd 845 Firmware Version-

Qualcomm ≫ Sd 845 Version-

Qualcomm ≫ Sd 850 Firmware Version-

Qualcomm ≫ Sd 850 Version-

Qualcomm ≫ Sd 8cx Firmware Version-

Qualcomm ≫ Sd 8cx Version-

Qualcomm ≫ Sxr1130 Firmware Version-

Qualcomm ≫ Sxr1130 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.06

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.qualcomm.com/company/product-security/bulletins#_CVE-2018-12012

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-12012

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-12012

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-12012

EUVD