Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-11004

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-03 Jan, 2019 | 15:00
Updated At-05 Aug, 2024 | 17:57
Rejected At-
Credits

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:03 Jan, 2019 | 15:00
Updated At:05 Aug, 2024 | 17:57
Rejected At:
â–¼CVE Numbering Authority (CNA)

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
Versions
Affected
  • IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
Problem Types
TypeCWE IDDescription
textN/AInformation Exposure in Core
Type: text
CWE ID: N/A
Description: Information Exposure in Core
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
http://www.securityfocus.com/bid/106128
vdb-entry
x_refsource_BID
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/106128
Resource:
vdb-entry
x_refsource_BID
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/106128
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/106128
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:03 Jan, 2019 | 15:29
Updated At:03 Oct, 2019 | 00:03

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.5MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.0
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074_firmware>>-
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074>>-
cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9635m_firmware>>-
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9635m>>-
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655_firmware>>-
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655>>-
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_210_firmware>>-
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_210>>-
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_212_firmware>>-
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_212>>-
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_205_firmware>>-
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_205>>-
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_410_firmware>>-
cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_410>>-
cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_412_firmware>>-
cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_412>>-
cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_425_firmware>>-
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_425>>-
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_427_firmware>>-
cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_427>>-
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_430_firmware>>-
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_430>>-
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_435_firmware>>-
cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_435>>-
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_439_firmware>>-
cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_439>>-
cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_429_firmware>>-
cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_429>>-
cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_450_firmware>>-
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_450>>-
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_615_firmware>>-
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_615>>-
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_616_firmware>>-
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_616>>-
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_415_firmware>>-
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_415>>-
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_625_firmware>>-
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_625>>-
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_632_firmware>>-
cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_632>>-
cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_636_firmware>>-
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_636>>-
cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/106128product-security@qualcomm.com
Third Party Advisory
VDB Entry
https://www.qualcomm.com/company/product-security/bulletinsproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/106128
Source: product-security@qualcomm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

71Records found
CVE-2018-11820
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.98%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 800, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwaresd_800_firmwaresd_625_firmwareipq8074sd_450sd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwareqca8081_firmwaresxr1130sd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_412sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwaresdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_800sd_439_firmwareqca8081mdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2018-11275
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.80%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-1904
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.13% / 32.21%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresdx20mqca9367_firmwarewcn3999qrb5165_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439qet4101wcn3660qca9379ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareapq8076_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwareqca6310sd429sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaremsm8953_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315csr6030_firmwareqca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750qca6574_firmwaresd855sm4125_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremdm9626qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaresd_455mdm9626_firmwareqca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500sa6150papq8096au_firmwaresd845sdm830sd720g_firmwaresdx12qcs410_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-697
Incorrect Comparison
CVE-2021-1918
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3998_firmwarewcn6856sd750gwcn3991_firmwaresd778gqrb5165qrb5165n_firmwaresd765wcn6851_firmwarewsa8815wcn6750wcn6850wsa8810wsa8815_firmwareqrb5165nsd778g_firmwarewcd9375qca6391_firmwarewsa8810_firmwarewsa8835wcn6850_firmwarewcn3998qcs6490_firmwarewcd9375_firmwareqcm6490_firmwaresd765_firmwaresd765g_firmwarewcd9380_firmwarewcd9380wcn3988wcn3991sd768gwcd9385qcm6490wcn6855_firmwaresm7250pwcn3988_firmwaresm7250p_firmwarewsa8830sd750g_firmwaresd888_5g_firmwarewcn6855qca6391sd765gwcn6856_firmwareqrb5165_firmwarewcd9370_firmwareqcs6490wsa8830_firmwaresm7325p_firmwaresm7325pwcd9370sd690_5gwcn6851sd768g_firmwarewsa8835_firmwarewcn6750_firmwaresd888_5gwcd9385_firmwaresd690_5g_firmwareSnapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2020-3643
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.31%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareapq8076_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8937msm8996_firmwaremsm8905ipq6018sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2021-1969
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 10.58%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 00:00
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwarewcn3991sd678sa6150p_firmwareqca8337_firmwaresa8145p_firmwareqcs610sda429w_firmwarewcd9380_firmwaresd_675fsm10056qca8337qca6595sdx55m_firmwarecsra6620fsm10055_firmwareqca6574wcn3950_firmwaresd665_firmwarewcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresa6155qcs410wcd9370csra6620_firmwaresd_675_firmwaresd675_firmwareqca6574acsra6640_firmwareqcs6125_firmwareqca6584au_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn3998sd_8cx_firmwarewcn3950sd720gqca6574_firmwarewcd9340_firmwarewcn3660bsd855wsa8815sd665sd_8c_firmwarewcn3660b_firmwaresa8155qca6574a_firmwareqca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwarewcn3980_firmwarewcn3610_firmwareqca6420qca6391sdx55maqt1000_firmwareqca6584ausa6155p_firmwarewcn3999sd678_firmwarear8031_firmwareqcs6125sa8155_firmwareqcs405qca6430wcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresm6250wcd9340sa8195pwsa8810_firmwarewcd9341_firmwareqcm6125wsa8810fsm10056_firmwarewcd9335sa6155pqcs610_firmwaremdm9150sd_8csa6145pwcd9341ar8031qca6696_firmwareqca6595_firmwareqcs405_firmwaresa8145pqca6696qca6391_firmwarear8035wcd9375sd_8cxaqt1000sa8150pwcd9370_firmwaresm6250_firmwaresa6150psdx55sa8155pcsra6640sda429wsd675sd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sd720g_firmwaresa8195p_firmwareqcs410_firmwarear8035_firmwarewcn3610qcm6125_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11265
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar9580_firmwareipq4018_firmwareqfe1952ipq4028_firmwareqca7500_firmwareqca7520qca7500ipq4029_firmwareqca7550_firmwareqca9994qca4024_firmwareqca9889_firmwareqca9880_firmwareqca10901qca9992wcd9340csr8811_firmwareqca7520_firmwareqca9880wsa8810_firmwareqca7550wsa8810qcn3018_firmwareqca8075_firmwareipq4019_firmwareipq4018qcn3018qca9886_firmwareqca9889qca9888_firmwareqca9888qca9984_firmwareqca9994_firmwarear9580qca9898_firmwareqca4024csr8811ipq4019ar7420qca9886wcd9340_firmwarear7420_firmwareqca8075qfe1922qfe1922_firmwareqca9992_firmwareqfe1952_firmwareqca9984qca9898ipq4029ipq4028qca10901_firmwareSnapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11266
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar9580_firmwareipq4018_firmwareqfe1952ipq4028_firmwareqca7500_firmwareqca7520qca7500ipq4029_firmwareqca7550_firmwareqca9994qca4024_firmwareqca9889_firmwareqca9880_firmwareqca10901qca9992wcd9340csr8811_firmwareqca7520_firmwareqca9880wsa8810_firmwareqca7550wsa8810qcn3018_firmwareqca8075_firmwareipq4019_firmwareipq4018qcn3018qca9886_firmwareqca9889qca9888_firmwareqca9888qca9984_firmwareqca9994_firmwarear9580qca9898_firmwareqca4024csr8811ipq4019ar7420qca9886wcd9340_firmwarear7420_firmwareqca8075qfe1922qfe1922_firmwareqca9992_firmwareqfe1952_firmwareqca9984qca9898ipq4029ipq4028qca10901_firmwareSnapdragon Wired Infrastructure and Networking
CVE-2020-11221
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845smb1357pmd9655au_firmwareqca617_firmwareqcs410_firmwaremdm9330qpa5580qpm5579qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwareqca617pm855lwcn6851_firmwareqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955qfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-11199
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845smb1357pmd9655au_firmwareqca617_firmwareqcs410_firmwaremdm9330qpa5580qpm5579qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwareqca617pm855lwcn6851_firmwareqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955qfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-11971
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:09
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Interrupt exit code flow may undermine access control policy set forth by secure world can lead to potential secure asset leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_412sd_670_firmwaresd_616sdm660sdm630sd_615mdm9607_firmwaremdm9655_firmwaremdm9650sd_636sd_710_firmwaresd_615_firmwaremdm9607sd_636_firmwaresd_845_firmwaresd_410qcs605_firmwaremdm9206sd_850_firmwaremdm9655sd_412_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_8cxsd_670mdm9650_firmwaresd_710sd_410_firmwaresda660sxr1130_firmwaresd_415_firmwaresxr1130sd_616_firmwaresdm660_firmwaresd_415Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-9693
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.83%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-3674
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.31%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwaresm8250_firmwaresdx55sc8180x_firmwareqcs405saipan_firmwaresm8250sm8150sdx55_firmwarenicobar_firmwaresaipansxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3687
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.73%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qualcommunspecified
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-3679
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.25% / 48.42%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs610qcs404_firmwaresm8250_firmwaresc8180x_firmwaresm7150_firmwaresa8155p_firmwaresc7180_firmwaresm6150sm7150sa6155pqcs610_firmwaresxr2130sc8180xqcs404sm8150_firmwaresxr2130_firmwarerennellsc7180bitrarennell_firmwaresdx55sa8155psaipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150kamortasdx55_firmwarenicobar_firmwaresaipannicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-3620
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwaremdm9640_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwaresa415mbitraapq8098qcn7605mdm9205mdm9206_firmwareqcs605bitra_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwareqca8081_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sa415m_firmwareqcs405sc8180x_firmwareipq8074_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqca8081qcs610_firmwaremsm8937mdm9150msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180qcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850sm8250kamortamsm8996saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-3644
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.31%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcs610msm8996au_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150msm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098mdm9205mdm9206_firmwaresa515mqcs605mdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwareapq8096auqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaresdx55sm6150_firmwareapq8096au_firmwaresm8250msm8998sm8150sdm850kamortamsm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-15844
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.22%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14893
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.65%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14872
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.65%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11123
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresm6250p_firmwareqcs610sm6125sdm712_firmwaresdm640sdm450_firmwaresdm632sm7250_firmwaremdm9628_firmwaremdm9650qcs4290mdm9250sa8150p_firmwaresa6155apq8009_firmwaresdm712msm8917sdm670sm8350qcs605_firmwaresm6115apq8096sgsm7150psda845_firmwaremsm8108sa415msdw2500_firmwareapq8098msm8108_firmwaresm4250sc8180xpmdm9628sm4125mdm9206_firmwaresda855qsm8350_firmwareqsm8350apq8037sa8155msm8905_firmwaresda660sdx55_firmwaresa6155_firmwaresdm1000msm8909wsm7250p_firmwareapq8009w_firmwaresxr1130apq8053_firmwaresxr2130psda845mdm9207sa6155p_firmwaremsm8208sxr2130p_firmwaresda640mdm8207sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresa8155_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405msm8996sg_firmwaresa6145p_firmwareqm215sc7180_firmwaresm4250_firmwaresm6250sa8195papq8017_firmwaresdm710_firmwaresdm830_firmwaresxr1120sa6155pqcs603_firmwaremsm8937msm8209_firmwaremsm8905sm8350p_firmwaremdm9250_firmwareqcs4290_firmwaresm8150_firmwaremsm8909sm7150p_firmwaresxr2130_firmwaremdm9655sc7180apq8064ausa8150psc8180xp_firmwaresm6250_firmwaremdm9207_firmwaremsm8953_firmwaresm6150_firmwaresda429wmsm8917_firmwaremsm8998sm7225_firmwaresm8150sdm850sa8195p_firmwaresdm640_firmwareapq8017msm8208_firmwaremsm8996sxr1120_firmwaresm6125_firmwaresm8150pmsm8608mdm9640sm6115_firmwaresda429w_firmwareapq8096_firmwaresdm429wmsm8996au_firmwaresdm632_firmwarewcd9330sdm845apq8096sdx24sdx55m_firmwaresdm439sm6150psm6115p_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8096sg_firmwaresm7150sm6250pqcs410sda640_firmwaresc8180xsxr2130sdx50m_firmwaremdm9206sm8350psdm670_firmwaresdx24_firmwaresdm636sda670sm7225mdm9205sa515mqcs605sm6115psm4125_firmwaresdm455_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwaremsm8209sda855_firmwareapq8009wcd9330_firmwaremsm8909_firmwaresdx55msm6150p_firmwaresdm455sm6350sm7125sdm850_firmwaresm4250p_firmwaremsm8920msm8953apq8064au_firmwareqcm4290msm8996sgsdx50msm8350_firmwareqcs603sdm660msm8920_firmwaresc8180x_firmwaresm6350_firmwaresa8155p_firmwaresdm710mdm9607apq8009wsda670_firmwareqcm4290_firmwareqcs610_firmwaremdm9150msm8996_firmwareqsm8250sa6145psm4250papq8096ausdm439_firmwareqcs405_firmwaremdm8207_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremsm8608_firmwareqm215_firmwaresm7125_firmwaresa6150psdw2500msm8940apq8053apq8096au_firmwaresa8155psdx55sm8150p_firmwaresm8250apq8037_firmwaresdm1000_firmwaresm7250psdm830qcs410_firmwaresdm660_firmwareqsm8250_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
  • Previous
  • 1
  • 2
  • Next
Details not found