7.8

CVE-2019-10555

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

Data is provided by the National Vulnerability Database (NVD)
QualcommApq8017 Firmware Version-
   QualcommApq8017 Version-
QualcommApq8053 Firmware Version-
   QualcommApq8053 Version-
QualcommApq8096au Firmware Version-
   QualcommApq8096au Version-
QualcommApq8098 Firmware Version-
   QualcommApq8098 Version-
QualcommMdm9206 Firmware Version-
   QualcommMdm9206 Version-
QualcommMdm9207c Firmware Version-
   QualcommMdm9207c Version-
QualcommMdm9607 Firmware Version-
   QualcommMdm9607 Version-
QualcommMdm9640 Firmware Version-
   QualcommMdm9640 Version-
QualcommMdm9650 Firmware Version-
   QualcommMdm9650 Version-
QualcommMsm8909 Firmware Version-
   QualcommMsm8909 Version-
QualcommMsm8909w Firmware Version-
   QualcommMsm8909w Version-
QualcommMsm8917 Firmware Version-
   QualcommMsm8917 Version-
QualcommMsm8920 Firmware Version-
   QualcommMsm8920 Version-
QualcommMsm8937 Firmware Version-
   QualcommMsm8937 Version-
QualcommMsm8940 Firmware Version-
   QualcommMsm8940 Version-
QualcommMsm8953 Firmware Version-
   QualcommMsm8953 Version-
QualcommMsm8996au Firmware Version-
   QualcommMsm8996au Version-
QualcommMsm8998 Firmware Version-
   QualcommMsm8998 Version-
QualcommNicobar Firmware Version-
   QualcommNicobar Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
QualcommQcs405 Firmware Version-
   QualcommQcs405 Version-
QualcommQcs605 Firmware Version-
   QualcommQcs605 Version-
QualcommQm215 Firmware Version-
   QualcommQm215 Version-
QualcommSda660 Firmware Version-
   QualcommSda660 Version-
QualcommSda845 Firmware Version-
   QualcommSda845 Version-
QualcommSdm429 Firmware Version-
   QualcommSdm429 Version-
QualcommSdm439 Firmware Version-
   QualcommSdm439 Version-
QualcommSdm450 Firmware Version-
   QualcommSdm450 Version-
QualcommSdm630 Firmware Version-
   QualcommSdm630 Version-
QualcommSdm632 Firmware Version-
   QualcommSdm632 Version-
QualcommSdm636 Firmware Version-
   QualcommSdm636 Version-
QualcommSdm660 Firmware Version-
   QualcommSdm660 Version-
QualcommSdm670 Firmware Version-
   QualcommSdm670 Version-
QualcommSdm710 Firmware Version-
   QualcommSdm710 Version-
QualcommSdm845 Firmware Version-
   QualcommSdm845 Version-
QualcommSdx20 Firmware Version-
   QualcommSdx20 Version-
QualcommSdx24 Firmware Version-
   QualcommSdx24 Version-
QualcommSm6150 Firmware Version-
   QualcommSm6150 Version-
QualcommSm7150 Firmware Version-
   QualcommSm7150 Version-
QualcommSm8150 Firmware Version-
   QualcommSm8150 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.137
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.