Lucene search

[email protected]CVE-2019-10562

HistorySep 08, 2020 - 10:15 a.m.

CVE-2019-10562

2020-09-0810:15:00

CWE-347

CWE-287

[email protected]

web.nvd.nist.gov

cve-2019-10562

improper authentication

signature verification

debug policies

secure boot loader

memory corruption

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon wired infrastructure and networking

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.9%

JSON

u’Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CPENameOperatorVersion
qualcomm:ipq6018_firmwarequalcomm ipq6018 firmwareeq-
qualcomm:kamorta_firmwarequalcomm kamorta firmwareeq-
qualcomm:msm8998_firmwarequalcomm msm8998 firmwareeq-
qualcomm:nicobar_firmwarequalcomm nicobar firmwareeq-
qualcomm:qcs404_firmwarequalcomm qcs404 firmwareeq-
qualcomm:qcs605_firmwarequalcomm qcs605 firmwareeq-
qualcomm:qcs610_firmwarequalcomm qcs610 firmwareeq-
qualcomm:rennell_firmwarequalcomm rennell firmwareeq-
qualcomm:sa415m_firmwarequalcomm sa415m firmwareeq-
qualcomm:sa6155p_firmwarequalcomm sa6155p firmwareeq-

CPE	Name	Operator	Version
qualcomm:ipq6018_firmware	qualcomm ipq6018 firmware	eq	-
qualcomm:kamorta_firmware	qualcomm kamorta firmware	eq	-
qualcomm:msm8998_firmware	qualcomm msm8998 firmware	eq	-
qualcomm:nicobar_firmware	qualcomm nicobar firmware	eq	-
qualcomm:qcs404_firmware	qualcomm qcs404 firmware	eq	-
qualcomm:qcs605_firmware	qualcomm qcs605 firmware	eq	-
qualcomm:qcs610_firmware	qualcomm qcs610 firmware	eq	-
qualcomm:rennell_firmware	qualcomm rennell firmware	eq	-
qualcomm:sa415m_firmware	qualcomm sa415m firmware	eq	-
qualcomm:sa6155p_firmware	qualcomm sa6155p firmware	eq	-

Rows per page:

1-10 of 281

References

www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.9%

JSON

Related for CVE-2019-10562

prion1 threatpost1