7.8
CVE-2019-14036
- EPSS 0.04%
- Veröffentlicht 21.01.2020 07:15:12
- Zuletzt bearbeitet 21.11.2024 04:25:57
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Apq8064 Firmware Version-
Qualcomm ≫ Apq8096au Firmware Version-
Qualcomm ≫ Ipq4019 Firmware Version-
Qualcomm ≫ Ipq8064 Firmware Version-
Qualcomm ≫ Ipq8074 Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Mdm9615 Firmware Version-
Qualcomm ≫ Mdm9640 Firmware Version-
Qualcomm ≫ Msm8996au Firmware Version-
Qualcomm ≫ Qcn7605 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.066 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.