Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveQualcommCVE-2017-18282
HistoryOct 23, 2018 - 1:29 p.m.

CVE-2017-18282

2018-10-2313:29:00
qualcomm
web.nvd.nist.gov
29
cve-2017-18282
sdcc
snapdragon
mobile
security
vulnerability
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

20.8%

JSON

Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Affected configurations

Nvd
Node
qualcommmdm9206_firmwareMatch-
AND
qualcommmdm9206Match-
Node
qualcommmdm9607_firmwareMatch-
AND
qualcommmdm9607Match-
Node
qualcommmdm9650_firmwareMatch-
AND
qualcommmdm9650Match-
Node
qualcommsd210_firmwareMatch-
AND
qualcommsd210Match-
Node
qualcommsd212_firmwareMatch-
AND
qualcommsd212Match-
Node
qualcommsd205_firmwareMatch-
AND
qualcommsd205Match-
Node
qualcommsd425_firmwareMatch-
AND
qualcommsd425Match-
Node
qualcommsd430_firmwareMatch-
AND
qualcommsd430Match-
Node
qualcommsd450_firmwareMatch-
AND
qualcommsd450Match-
Node
qualcommsd625_firmwareMatch-
AND
qualcommsd625Match-
Node
qualcommsd650_firmwareMatch-
AND
qualcommsd650Match-
Node
qualcommsd652_firmwareMatch-
AND
qualcommsd652Match-
Node
qualcommsd835_firmwareMatch-
AND
qualcommsd835Match-
Node
qualcommsda660_firmwareMatch-
AND
qualcommsda660Match-
VendorProductVersionCPE
qualcommmdm9206_firmware-cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
qualcommmdm9206-cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
qualcommmdm9607_firmware-cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
qualcommmdm9607-cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
qualcommmdm9650_firmware-cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
qualcommmdm9650-cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
qualcommsd210_firmware-cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
qualcommsd210-cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*
qualcommsd212_firmware-cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*
qualcommsd212-cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 281

CNA Affected

[
  {
    "product": "Snapdragon Mobile, Snapdragon Wear",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660"
      }
    ]
  }
]

Related

nvd 1
cvelist 1
prion 1
nvd
nvd
CVE-2017-18282
2018-10-23 13:29:00
cvelist
cvelist
CVE-2017-18282
2018-10-23 13:00:00
prion
prion
Code injection
2018-10-23 13:29:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

20.8%

JSON
Related for CVE-2017-18282
nvd1cvelist1prion1