9.4
CVE-2019-14082
- EPSS 0.24%
- Veröffentlicht 05.03.2020 09:15:17
- Zuletzt bearbeitet 21.11.2024 04:26:03
- Quelle product-security@qualcomm.com
- CVE-Watchlists
- Unerledigt
LoginPotential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9207C, MDM9607, QCN7605, SM8150
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Ipq8074 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9207c Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Qcn7605 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.441 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 9.4 | 10 | 9.2 |
AV:N/AC:L/Au:N/C:C/I:N/A:C
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.