5.5
CVE-2019-10616
- EPSS 0.04%
- Veröffentlicht 05.03.2020 09:15:16
- Zuletzt bearbeitet 21.11.2024 04:19:35
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8998, SA6155P, SDX24
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Apq8009 Firmware Version-
Qualcomm ≫ Apq8016 Firmware Version-
Qualcomm ≫ Mdm9150 Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Msm8905 Firmware Version-
Qualcomm ≫ Msm8909 Firmware Version-
Qualcomm ≫ Msm8909w Firmware Version-
Qualcomm ≫ Msm8998 Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Sdx24 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.087 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.