8.8
CVE-2018-5879
- EPSS 0.08%
- Veröffentlicht 18.01.2019 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:37
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Improper length check while processing an MQTT message can lead to heap overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Sd 210 Firmware Version-
Qualcomm ≫ Sd 212 Firmware Version-
Qualcomm ≫ Sd 205 Firmware Version-
Qualcomm ≫ Sd 425 Firmware Version-
Qualcomm ≫ Sd 427 Firmware Version-
Qualcomm ≫ Sd 430 Firmware Version-
Qualcomm ≫ Sd 435 Firmware Version-
Qualcomm ≫ Sd 450 Firmware Version-
Qualcomm ≫ Sd 625 Firmware Version-
Qualcomm ≫ Sd 636 Firmware Version-
Qualcomm ≫ Sd 835 Firmware Version-
Qualcomm ≫ Sda660 Firmware Version-
Qualcomm ≫ Sdm630 Firmware Version-
Qualcomm ≫ Sdm660 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.239 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 8.3 | 6.5 | 10 |
AV:A/AC:L/Au:N/C:C/I:C/A:C
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.