7.8
CVE-2019-14054
- EPSS 0.03%
- Published 02.06.2020 15:15:10
- Last modified 21.11.2024 04:25:59
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Kamorta Firmware Version-
Qualcomm ≫ Msm8998 Firmware Version-
Qualcomm ≫ Qcs404 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Sda660 Firmware Version-
Qualcomm ≫ Sda845 Firmware Version-
Qualcomm ≫ Sdm630 Firmware Version-
Qualcomm ≫ Sdm636 Firmware Version-
Qualcomm ≫ Sdm660 Firmware Version-
Qualcomm ≫ Sdm670 Firmware Version-
Qualcomm ≫ Sdm710 Firmware Version-
Qualcomm ≫ Sdm845 Firmware Version-
Qualcomm ≫ Sdm850 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sxr1130 Firmware Version-
Qualcomm ≫ Sxr2130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.039 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|