9.1
CVE-2019-10622
- EPSS 0.18%
- Published 16.04.2020 11:15:13
- Last modified 21.11.2024 04:19:36
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCN7605, QCS605, SC8180X, SDM710, SDX24, SDX55, SM8150, SM8250, SXR2130
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Apq8009 Firmware Version-
Qualcomm ≫ Apq8096au Firmware Version-
Qualcomm ≫ Ipq4019 Firmware Version-
Qualcomm ≫ Ipq6018 Firmware Version-
Qualcomm ≫ Ipq8064 Firmware Version-
Qualcomm ≫ Ipq8074 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9207c Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Mdm9640 Firmware Version-
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Qcn7605 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Sc8180x Firmware Version-
Qualcomm ≫ Sdm710 Firmware Version-
Qualcomm ≫ Sdx24 Firmware Version-
Qualcomm ≫ Sdx55 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sm8250 Firmware Version-
Qualcomm ≫ Sxr2130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.358 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.