9.8
CVE-2019-14080
- EPSS 0.37%
- Veröffentlicht 22.06.2020 07:15:11
- Zuletzt bearbeitet 21.11.2024 04:26:03
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Apq8053 Firmware Version-
Qualcomm ≫ Apq8096au Firmware Version-
Qualcomm ≫ Kamorta Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Mdm9640 Firmware Version-
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Msm8905 Firmware Version-
Qualcomm ≫ Msm8909 Firmware Version-
Qualcomm ≫ Msm8917 Firmware Version-
Qualcomm ≫ Msm8920 Firmware Version-
Qualcomm ≫ Msm8937 Firmware Version-
Qualcomm ≫ Msm8940 Firmware Version-
Qualcomm ≫ Msm8953 Firmware Version-
Qualcomm ≫ Msm8996au Firmware Version-
Qualcomm ≫ Nicobar Firmware Version-
Qualcomm ≫ Qcm2150 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Qm215 Firmware Version-
Qualcomm ≫ Rennell Firmware Version-
Qualcomm ≫ Sa415m Firmware Version-
Qualcomm ≫ Sc7180 Firmware Version-
Qualcomm ≫ Sc8180x Firmware Version-
Qualcomm ≫ Sda660 Firmware Version-
Qualcomm ≫ Sda845 Firmware Version-
Qualcomm ≫ Sdm429 Firmware Version-
Qualcomm ≫ Sdm439 Firmware Version-
Qualcomm ≫ Sdm450 Firmware Version-
Qualcomm ≫ Sdm630 Firmware Version-
Qualcomm ≫ Sdm632 Firmware Version-
Qualcomm ≫ Sdm636 Firmware Version-
Qualcomm ≫ Sdm660 Firmware Version-
Qualcomm ≫ Sdm670 Firmware Version-
Qualcomm ≫ Sdm710 Firmware Version-
Qualcomm ≫ Sdm845 Firmware Version-
Qualcomm ≫ Sdm850 Firmware Version-
Qualcomm ≫ Sdx24 Firmware Version-
Qualcomm ≫ Sm6150 Firmware Version-
Qualcomm ≫ Sm7150 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sxr1130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.558 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.