var-202003-1268
Vulnerability from variot
Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. APQ8017 is a central processing unit (CPU) product.
The Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that when decoding the Service Reject/RAU Reject/PTMSI Realloc cmd, the program fails to perform the correct length check. The attacker can use a special request Use the vulnerability to obtain sensitive information or cause denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apq8009",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 2.2,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 1.4,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "rennell",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
}
]
},
"cve": "CVE-2019-10552",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10552",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.4,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-014819",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-20203",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10552",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014819",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10552",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2019-014819",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-20203",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-134",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. Qualcomm MDM9206, etc. are all products of Qualcomm. MDM9206 is a central processing unit (CPU) product. SDX24 is a modem. APQ8017 is a central processing unit (CPU) product. \n\r\n\r\nThe Multi-Mode Call Processor in multiple Qualcomm products has a buffer overflow vulnerability. The vulnerability stems from the fact that when decoding the Service Reject/RAU Reject/PTMSI Realloc cmd, the program fails to perform the correct length check. The attacker can use a special request Use the vulnerability to obtain sensitive information or cause denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10552"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNVD",
"id": "CNVD-2020-20203"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10552",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-20203",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"id": "VAR-202003-1268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
}
]
},
"last_update_date": "2024-11-23T23:01:30.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2020 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"title": "Patch for Multiple Qualcomm product buffer overflow vulnerabilities (CNVD-2020-20203)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/211585"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111593"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
},
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10552"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10552"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2020-31720"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"date": "2020-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"date": "2020-03-05T09:15:15.610000",
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-20203"
},
{
"date": "2020-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014819"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-134"
},
{
"date": "2024-11-21T04:19:26.123000",
"db": "NVD",
"id": "CVE-2019-10552"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Out-of-bounds read vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-134"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.