CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:C/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
20.0%
In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory passed to a QSEE application between the time of check and the time of use, resulting in arbitrary writes to TZ kernel memory regions.
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | msm8996au_firmware | - | cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* |
qualcomm | msm8996au | - | cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* |
qualcomm | sd425_firmware | - | cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd425 | - | cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:* |
qualcomm | sd427_firmware | - | cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd427 | - | cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:* |
qualcomm | sd430_firmware | - | cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd430 | - | cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:* |
qualcomm | sd435_firmware | - | cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd435 | - | cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Automobile, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016"
}
]
}
]
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:C/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
20.0%