Lucene search

[email protected]NVD:CVE-2019-10595

HistoryDec 18, 2019 - 6:15 a.m.

CVE-2019-10595

2019-12-1806:15:12

CWE-20

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Affected configurations

Nvd

Node

qualcommapq8009Match-

AND

qualcommapq8009_firmwareMatch-

Node

qualcommapq8053Match-

AND

qualcommapq8053_firmwareMatch-

Node

qualcommapq8064Match-

AND

qualcommapq8064_firmwareMatch-

Node

qualcommapq8096auMatch-

AND

qualcommapq8096au_firmwareMatch-

Node

qualcommipq4019Match-

AND

qualcommipq4019_firmwareMatch-

Node

qualcommipq8064Match-

AND

qualcommipq8064_firmwareMatch-

Node

qualcommmdm9206Match-

AND

qualcommmdm9206_firmwareMatch-

Node

qualcommmdm9207cMatch-

AND

qualcommmdm9207c_firmwareMatch-

Node

qualcommmdm9607_firmwareMatch-

AND

qualcommmdm9607Match-

Node

qualcommmdm9615_firmwareMatch-

AND

qualcommmdm9615Match-

Node

qualcommmdm9640_firmwareMatch-

AND

qualcommmdm9640Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmsm8909_firmwareMatch-

AND

qualcommmsm8909Match-

Node

qualcommmsm8909_firmwareMatch-

AND

qualcommmsm8909Match-

Node

qualcommmsm8939_firmwareMatch-

AND

qualcommmsm8939Match-

Node

qualcommmsm8996au_firmwareMatch-

AND

qualcommmsm8996auMatch-

Node

qualcommqca4531_firmwareMatch-

AND

qualcommqca4531Match-

Node

qualcommqca6174a_firmwareMatch-

AND

qualcommqca6174aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca9377_firmwareMatch-

AND

qualcommqca9377Match-

Node

qualcommqca9379_firmwareMatch-

AND

qualcommqca9379Match-

Node

qualcommqca9558_firmwareMatch-

AND

qualcommqca9558Match-

Node

qualcommqca9880_firmwareMatch-

AND

qualcommqca9880Match-

Node

qualcommqca9886_firmwareMatch-

AND

qualcommqca9886Match-

Node

qualcommqca9980_firmwareMatch-

AND

qualcommqca9980Match-

Node

qualcommsda660_firmwareMatch-

AND

qualcommsda660Match-

Node

qualcommsdm630_firmwareMatch-

AND

qualcommsdm630Match-

Node

qualcommsdm636_firmwareMatch-

AND

qualcommsdm636Match-

Node

qualcommsdm660_firmwareMatch-

AND

qualcommsdm660Match-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

Node

qualcommsdx24_firmwareMatch-

AND

qualcommsdx24Match-

VendorProductVersionCPE
qualcommapq8009-cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
qualcommapq8009_firmware-cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
qualcommapq8053-cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
qualcommapq8053_firmware-cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
qualcommapq8064-cpe:2.3:h:qualcomm:apq8064:-:*:*:*:*:*:*:*
qualcommapq8064_firmware-cpe:2.3:o:qualcomm:apq8064_firmware:-:*:*:*:*:*:*:*
qualcommapq8096au-cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
qualcommapq8096au_firmware-cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
qualcommipq4019-cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*
qualcommipq4019_firmware-cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8009	-	cpe:2.3:h:qualcomm:apq8009:-:::::::*
qualcomm	apq8009_firmware	-	cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::*
qualcomm	apq8053	-	cpe:2.3:h:qualcomm:apq8053:-:::::::*
qualcomm	apq8053_firmware	-	cpe:2.3:o:qualcomm:apq8053_firmware:-:::::::*
qualcomm	apq8064	-	cpe:2.3:h:qualcomm:apq8064:-:::::::*
qualcomm	apq8064_firmware	-	cpe:2.3:o:qualcomm:apq8064_firmware:-:::::::*
qualcomm	apq8096au	-	cpe:2.3:h:qualcomm:apq8096au:-:::::::*
qualcomm	apq8096au_firmware	-	cpe:2.3:o:qualcomm:apq8096au_firmware:-:::::::*
qualcomm	ipq4019	-	cpe:2.3:h:qualcomm:ipq4019:-:::::::*
qualcomm	ipq4019_firmware	-	cpe:2.3:o:qualcomm:ipq4019_firmware:-:::::::*

Rows per page:

1-10 of 601

References

www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2019-10595

cvelist1 prion1 cve1