V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2019-2283
CVE
Critical

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Au…

CVSS
9.8
Critical
EPSS
0.01
p55
Published
2019-01-01
Updated
2019-01-01
Description

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Tags · CWE
RCEPre-auth
CWE-125
CAPEC-540
Affected products
Mdm9150_firmwareMdm9206_firmwareMdm9607_firmwareMdm9640_firmwareMdm9650_firmwareMsm8909w_firmwareMsm8996au_firmwareQcs605_firmwareQualcomm_215_firmwareSd_205_firmwareSd_210_firmwareSd_212_firmwareSd_425_firmwareSd_427_firmwareSd_429_firmwareSd_430_firmwareSd_435_firmwareSd_439_firmwareSd_450_firmwareSd_625_firmware
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2019-01-01
Published
2019-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.009 · p55
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
mdm9150_firmware*Tracked
mdm9206_firmware*Tracked
mdm9607_firmware*Tracked
mdm9640_firmware*Tracked
mdm9650_firmware*Tracked
msm8909w_firmware*Tracked
msm8996au_firmware*Tracked
qcs605_firmware*Tracked
qualcomm_215_firmware*Tracked
sd_205_firmware*Tracked
sd_210_firmware*Tracked
sd_212_firmware*Tracked
sd_425_firmware*Tracked
sd_427_firmware*Tracked
sd_429_firmware*Tracked
sd_430_firmware*Tracked
sd_435_firmware*Tracked
sd_439_firmware*Tracked
sd_450_firmware*Tracked
sd_625_firmware*Tracked
Showing first 20 of 39
Source databases
CVE