CVE-2018-11922

nvd nist

Published: Nov 26, 2024Modified: Jan 9, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

Affected (22)

Products: Qualcomm: Mdm9206 Firmware, Mdm9607 Firmware, Mdm9640 Firmware, Mdm9650 Firmware, 215 Firmware, Sd 210 Firmware, Sd 212 Firmware, Sd 205 Firmware, Sd 425 Firmware, Sd 427 Firmware, Sd 430 Firmware, Sd 435 Firmware, Sd 439 Firmware, Sd 429 Firmware, Sd 450 Firmware, Sd 625 Firmware, Sd 632 Firmware, Sd 845 Firmware, Sd 850 Firmware, Sda660 Firmware, Sdm439 Firmware, Sdx20 Firmware

Qualcomm

22 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9206 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9206	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9640 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9640	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm 215 Firmware	All versions

Running on/with	Platform Versions
Qualcomm 215	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 210 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 210	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 212 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 212	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 205 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 205	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 425 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 425	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 427 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 427	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 430 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 430	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 435 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 435	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 439 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 439	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 429 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 429	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 450 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 450	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 625 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 625	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 632 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 632	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 845	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 850	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sda660 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sda660	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm439 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm439	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx20 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx20	All versions

Related CWEs

CWE-16

References (1)

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html

Source: product-security@qualcomm.com

Vendor Advisory

Timeline

No history available yet.