7.8
CVE-2019-14135
- EPSS 0.04%
- Published 16.04.2020 11:15:15
- Last modified 21.11.2024 04:26:08
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Apq8009 Firmware Version-
Qualcomm ≫ Apq8017 Firmware Version-
Qualcomm ≫ Apq8053 Firmware Version-
Qualcomm ≫ Apq8096au Firmware Version-
Qualcomm ≫ Ipq8074 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Mdm9207c Firmware Version-
Qualcomm ≫ Mdm9607 Firmware Version-
Qualcomm ≫ Mdm9640 Firmware Version-
Qualcomm ≫ Mdm9650 Firmware Version-
Qualcomm ≫ Msm8996au Firmware Version-
Qualcomm ≫ Qca4010 Firmware Version-
Qualcomm ≫ Qca6174a Firmware Version-
Qualcomm ≫ Qca6574au Firmware Version-
Qualcomm ≫ Qca6584au Firmware Version-
Qualcomm ≫ Qca8081 Firmware Version-
Qualcomm ≫ Qca9377 Firmware Version-
Qualcomm ≫ Qca9379 Firmware Version-
Qualcomm ≫ Qca9886 Firmware Version-
Qualcomm ≫ Qcn7605 Firmware Version-
Qualcomm ≫ Qcs405 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Saipan Firmware Version-
Qualcomm ≫ Sda845 Firmware Version-
Qualcomm ≫ Sdm660 Firmware Version-
Qualcomm ≫ Sdm670 Firmware Version-
Qualcomm ≫ Sdm710 Firmware Version-
Qualcomm ≫ Sdm845 Firmware Version-
Qualcomm ≫ Sdm850 Firmware Version-
Qualcomm ≫ Sdx20 Firmware Version-
Qualcomm ≫ Sdx24 Firmware Version-
Qualcomm ≫ Sm6150 Firmware Version-
Qualcomm ≫ Sm7150 Firmware Version-
Qualcomm ≫ Sm8150 Firmware Version-
Qualcomm ≫ Sxr1130 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.066 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.