CVE-2019-10500

CVE

Critical

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snap…

CVSS

9.8

Critical

EPSS

0.01

p54

Published

2019-01-01

Updated

2019-01-01

Description

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Tags · CWE

Pre-auth

CWE-131

CAPEC-47

CAPEC-100

Affected products

Apq8009_firmwareApq8017_firmwareApq8053_firmwareApq8096_firmwareApq8096au_firmwareApq8098_firmwareMdm9150_firmwareMdm9205_firmwareMdm9206_firmwareMdm9607_firmwareMdm9625_firmwareMdm9635m_firmwareMdm9640_firmwareMdm9645_firmwareMdm9650_firmwareMdm9655_firmwareMsm8905_firmwareMsm8909_firmwareMsm8909w_firmwareMsm8917_firmware

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

2019-01-01

Published

2019-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.009 · p54

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Qualcomm

Sdx55 Sdx55 Firmware Mdm9650 Mdm9650 Firmware Mdm9206 Mdm9607 Mdm9206 Firmware Mdm9607 Firmware Msm8996au Qcs605+94

Product	Vendor	Status
apq8009_firmware	*	Tracked
apq8017_firmware	*	Tracked
apq8053_firmware	*	Tracked
apq8096_firmware	*	Tracked
apq8096au_firmware	*	Tracked
apq8098_firmware	*	Tracked
mdm9150_firmware	*	Tracked
mdm9205_firmware	*	Tracked
mdm9206_firmware	*	Tracked
mdm9607_firmware	*	Tracked
mdm9625_firmware	*	Tracked
mdm9635m_firmware	*	Tracked
mdm9640_firmware	*	Tracked
mdm9645_firmware	*	Tracked
mdm9650_firmware	*	Tracked
mdm9655_firmware	*	Tracked
msm8905_firmware	*	Tracked
msm8909_firmware	*	Tracked
msm8909w_firmware	*	Tracked
msm8917_firmware	*	Tracked

Showing first 20 of 52

Source databases

CVE