CVE-2019-14007

EPSS 0.05%
Published 16.04.2020 11:15:14
Last modified 21.11.2024 04:25:53
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC7180, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8009 Firmware Version-

Qualcomm ≫ Apq8009 Version-

Qualcomm ≫ Apq8017 Firmware Version-

Qualcomm ≫ Apq8017 Version-

Qualcomm ≫ Apq8053 Firmware Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Apq8096 Firmware Version-

Qualcomm ≫ Apq8096 Version-

Qualcomm ≫ Apq8096au Firmware Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Apq8098 Firmware Version-

Qualcomm ≫ Apq8098 Version-

Qualcomm ≫ Mdm9150 Firmware Version-

Qualcomm ≫ Mdm9150 Version-

Qualcomm ≫ Mdm9205 Firmware Version-

Qualcomm ≫ Mdm9205 Version-

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9607 Firmware Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Msm8905 Firmware Version-

Qualcomm ≫ Msm8905 Version-

Qualcomm ≫ Msm8909 Firmware Version-

Qualcomm ≫ Msm8909 Version-

Qualcomm ≫ Msm8917 Firmware Version-

Qualcomm ≫ Msm8917 Version-

Qualcomm ≫ Msm8920 Firmware Version-

Qualcomm ≫ Msm8920 Version-

Qualcomm ≫ Msm8937 Firmware Version-

Qualcomm ≫ Msm8937 Version-

Qualcomm ≫ Msm8940 Firmware Version-

Qualcomm ≫ Msm8940 Version-

Qualcomm ≫ Msm8953 Firmware Version-

Qualcomm ≫ Msm8953 Version-

Qualcomm ≫ Msm8996 Firmware Version-

Qualcomm ≫ Msm8996 Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Msm8998 Firmware Version-

Qualcomm ≫ Msm8998 Version-

Qualcomm ≫ Nicobar Firmware Version-

Qualcomm ≫ Nicobar Version-

Qualcomm ≫ Qcs404 Firmware Version-

Qualcomm ≫ Qcs404 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Qm215 Firmware Version-

Qualcomm ≫ Qm215 Version-

Qualcomm ≫ Rennell Firmware Version-

Qualcomm ≫ Rennell Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sc7180 Firmware Version-

Qualcomm ≫ Sc7180 Version-

Qualcomm ≫ Sda660 Firmware Version-

Qualcomm ≫ Sda660 Version-

Qualcomm ≫ Sda845 Firmware Version-

Qualcomm ≫ Sda845 Version-

Qualcomm ≫ Sdm429 Firmware Version-

Qualcomm ≫ Sdm429 Version-

Qualcomm ≫ Sdm439 Firmware Version-

Qualcomm ≫ Sdm439 Version-

Qualcomm ≫ Sdm450 Firmware Version-

Qualcomm ≫ Sdm450 Version-

Qualcomm ≫ Sdm630 Firmware Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdm632 Firmware Version-

Qualcomm ≫ Sdm632 Version-

Qualcomm ≫ Sdm636 Firmware Version-

Qualcomm ≫ Sdm636 Version-

Qualcomm ≫ Sdm660 Firmware Version-

Qualcomm ≫ Sdm660 Version-

Qualcomm ≫ Sdm670 Firmware Version-

Qualcomm ≫ Sdm670 Version-

Qualcomm ≫ Sdm710 Firmware Version-

Qualcomm ≫ Sdm710 Version-

Qualcomm ≫ Sdm845 Firmware Version-

Qualcomm ≫ Sdm845 Version-

Qualcomm ≫ Sdm850 Firmware Version-

Qualcomm ≫ Sdm850 Version-

Qualcomm ≫ Sdx24 Firmware Version-

Qualcomm ≫ Sdx24 Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sm6150 Firmware Version-

Qualcomm ≫ Sm6150 Version-

Qualcomm ≫ Sm7150 Firmware Version-

Qualcomm ≫ Sm7150 Version-

Qualcomm ≫ Sm8150 Firmware Version-

Qualcomm ≫ Sm8150 Version-

Qualcomm ≫ Sxr1130 Firmware Version-

Qualcomm ≫ Sxr1130 Version-

Qualcomm ≫ Sxr2130 Firmware Version-

Qualcomm ≫ Sxr2130 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.103

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:C/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-14007

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-14007

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-14007

EUVD