CVE-2018-11932

Published: Feb 25, 2019Modified: Nov 21, 2024

9.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.

Affected (20)

Products: Qualcomm: Mdm9650 Firmware, Mdm9655 Firmware, Msm8996au Firmware, Qcs605 Firmware, Sd 410 Firmware, Sd 12 Firmware, Sd 615 Firmware, Sd 16 Firmware, Sd 415 Firmware, Sd 675 Firmware, Sd 712 Firmware, Sd 710 Firmware, Sd 670 Firmware, Sd 820 Firmware, Sd 820a Firmware, Sd 835 Firmware, Sd 845 Firmware, Sd 850 Firmware, Sd 8cx Firmware, Sxr1130 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9655 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9655	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8996au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8996au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs605 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs605	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 410 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 410	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 12 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 12	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 615 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 615	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 16 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 16	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 415 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 415	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 675 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 675	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 712 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 712	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 710	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 670 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 670	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 820 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 820	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 820a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 820a	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 835	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 845	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 850	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8cx Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8cx	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr1130 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr1130	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securityfocus.com/bid/106845

Source: product-security@qualcomm.com

Third Party AdvisoryVDB Entry

https://www.qualcomm.com/company/product-security/bulletins

Source: product-security@qualcomm.com

Vendor Advisory

http://www.securityfocus.com/bid/106845

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.qualcomm.com/company/product-security/bulletins

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.