Search criteria

3 vulnerabilities found for snapdragon_compute_firmware by qualcomm

CVE-2018-5839 (GCVE-0-2018-5839)

Vulnerability from cvelistv5 – Published: 2019-02-25 23:00 – Updated: 2024-08-05 05:47
VLAI?
Summary
Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130.
Severity ?
No CVSS data available.
CWE
  • Improper Access Control in Core
Assigner
References
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:47:55.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "name": "106845",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106845"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Access Control in Core",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-26T10:57:01",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins"
        },
        {
          "name": "106845",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106845"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2018-5839",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Access Control in Core"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106845",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106845"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2018-5839",
    "datePublished": "2019-02-25T23:00:00",
    "dateReserved": "2018-01-19T00:00:00",
    "dateUpdated": "2024-08-05T05:47:55.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-5839 (GCVE-0-2018-5839)

Vulnerability from nvd – Published: 2019-02-25 23:00 – Updated: 2024-08-05 05:47
VLAI?
Summary
Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130.
Severity ?
No CVSS data available.
CWE
  • Improper Access Control in Core
Assigner
References
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:47:55.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins"
          },
          {
            "name": "106845",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106845"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Access Control in Core",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-26T10:57:01",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins"
        },
        {
          "name": "106845",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106845"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2018-5839",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Access Control in Core"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins"
            },
            {
              "name": "106845",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106845"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2018-5839",
    "datePublished": "2019-02-25T23:00:00",
    "dateReserved": "2018-01-19T00:00:00",
    "dateUpdated": "2024-08-05T05:47:55.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2018-5839

Vulnerability from fkie_nvd - Published: 2019-02-25 22:29 - Updated: 2024-11-21 04:09
Severity ?
7.1 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130.
References
product-security@qualcomm.comhttp://www.securityfocus.com/bid/106845Third Party Advisory, VDB Entry
product-security@qualcomm.comhttps://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/106845Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
Impacted products
Vendor Product Version
qualcomm snapdragon_auto_firmware -
qualcomm snapdragon_auto -
qualcomm snapdragon_compute_firmware -
qualcomm snapdragon_compute -
qualcomm snapdragon_consumer_internet_of_things_firmware -
qualcomm snapdragon_consumer_internet_of_things -
qualcomm snapdragon_industrial_internet_of_things_firmware -
qualcomm snapdragon_industrial_internet_of_things -
qualcomm mdm9150_firmware -
qualcomm mdm9150 -
qualcomm mdm9615_firmware -
qualcomm mdm9615 -
qualcomm mdm9625_firmware -
qualcomm mdm9625 -
qualcomm mdm9635m_firmware -
qualcomm mdm9635m -
qualcomm mdm9640_firmware -
qualcomm mdm9640 -
qualcomm mdm9650_firmware -
qualcomm mdm9650 -
qualcomm mdm9655_firmware -
qualcomm mdm9655 -
qualcomm msm8996au_firmware -
qualcomm msm8996au -
qualcomm qcs605_firmware -
qualcomm qcs605 -
qualcomm sd_636_firmware -
qualcomm sd_636 -
qualcomm sd_675_firmware -
qualcomm sd_675 -
qualcomm sd_712_firmware -
qualcomm sd_712 -
qualcomm sd_710_firmware -
qualcomm sd_710 -
qualcomm sd_670_firmware -
qualcomm sd_670 -
qualcomm sd_820_firmware -
qualcomm sd_820 -
qualcomm sd_820a_firmware -
qualcomm sd_820a -
qualcomm sd_835_firmware -
qualcomm sd_835 -
qualcomm sd_845_firmware -
qualcomm sd_845 -
qualcomm sd_850_firmware -
qualcomm sd_850 -
qualcomm sd_855_firmware -
qualcomm sd_855 -
qualcomm sd_8cx_firmware -
qualcomm sd_8cx -
qualcomm sda660_firmware -
qualcomm sda660 -
qualcomm sdm630_firmware -
qualcomm sdm630 -
qualcomm sdm660_firmware -
qualcomm sdm660 -
qualcomm sdx20_firmware -
qualcomm sdx20 -
qualcomm sxr1130_firmware -
qualcomm sxr1130 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A118C-2EAD-40D4-B42B-6734362A644B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "721E2FF0-E060-459C-BF23-44DF21A2482B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_compute_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2919D0EF-EFC2-4D3E-BCAC-2723DDDFB1EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_compute:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A44ED73-5FDA-4DAD-ACE1-39E8779CD60F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_consumer_internet_of_things_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "798318A3-7DA4-464B-BAC7-4F7C160B06C0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_consumer_internet_of_things:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02878012-54CE-4972-8366-4DFC02F31BD3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_industrial_internet_of_things_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7F0806-5270-4E67-B17D-A49A0D1A8563",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_industrial_internet_of_things:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20522339-3109-4772-AE21-F98FD13CFD24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2F2D26-2833-45A4-81F0-8E9F338C1E13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB171B1-D163-4801-A241-8DD7193A5DCB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E28EA6-0683-4755-8ABB-7F37DA810E4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4DF4D4E-CDAA-42BB-802E-2722E7F3DBC2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93AE9CA0-59C4-4C7E-8D5E-E0226117C45A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9625:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "467A5C4D-9909-44B5-9D1B-B746902FF094",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF77DD1-BE11-4132-9889-646196FAE567",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB323C15-2018-4CB8-858E-56F088B03FBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7AFDBF8-D08A-4C98-B4A4-A4C7049DD05F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "520B217E-C02B-493D-8C11-E155E50357B0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE94E380-CB75-462E-B411-BF38F17D53B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0947F38F-3DC2-45F1-B3B3-963922F32054",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BFF8872-645F-4A05-BAF9-7797CFBE37C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB91AFF-C149-4F5C-92EC-E78E66935528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B529780-DB0A-4F9C-AE63-6DEC593B86E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "669E7360-E8C3-4BB8-A3B6-61BD58AFAF62",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D49606C5-7306-4F33-864C-C1905594F09C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43964AF-7CEC-420A-935B-D3895B2BAC70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E077FC03-F86F-417A-A3E6-BC88CB85C6F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E016356C-94ED-4CDD-8351-97D265FE036E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08016A2-E4FE-4E9C-A915-C66BE157AFB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "018452D0-007C-4740-B2AF-E5C8BBAC310F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F930E9BF-C502-49C6-8BE8-9A711B89FA1B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2D2B3B-CB28-46AA-9117-A7FA371FDE80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE18BF66-B0DB-48BB-B43A-56F01821F5A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C10C7CB-3B66-4F17-8146-6A85611E2BA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9DA765F-53DE-4FB0-B825-6C11B3177641",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_855_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91400943-3D25-4E44-9FFD-9E3076305D80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_855:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B16867-710D-4748-8636-635E2C6F7389",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2326BD7-28A5-4244-8501-B109913E7AE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "532D244B-8B5A-4923-B7F1-9DC0A5FC0E9D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA0D645-80F6-48C3-AF0D-99198ADC8778",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "814FF3F3-CD5A-45A3-988C-6457D2CEB48C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24D7B67C-6FEC-48F8-9D46-778E4528BC20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05006807-D961-446C-B8DC-C87507F1316E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CE1B23-6FE3-41C4-B264-C7A9E8BDBEC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "794BA13C-3C63-4695-AA45-676F85D904BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "096F7BA5-FF58-416B-93EF-733B16326C86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AF958FB-1611-4102-A2DB-8D4311AE0D72",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130."
    },
    {
      "lang": "es",
      "value": "La protecci\u00f3n de memoria configurada de manera incorrecta permite el acceso de lectura/escritura a la imagen del m\u00f3dem del HLOS en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT y Snapdragon Mobile en versiones MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20 y SXR1130."
    }
  ],
  "id": "CVE-2018-5839",
  "lastModified": "2024-11-21T04:09:31.140",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-02-25T22:29:02.900",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106845"
    },
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qualcomm.com/company/product-security/bulletins"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}