CVE-2019-10575

EPSS 0.02%
Published 16.04.2020 11:15:13
Last modified 21.11.2024 04:19:29
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Sda845 Firmware Version-

Qualcomm ≫ Sda845 Version-

Qualcomm ≫ Sdm845 Firmware Version-

Qualcomm ≫ Sdm845 Version-

Qualcomm ≫ Sdm850 Firmware Version-

Qualcomm ≫ Sdm850 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.014

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-10575

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-10575

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-10575

EUVD