CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:P/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
AI Score
Confidence
High
EPSS
Percentile
41.9%
BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | qcs405 | - | cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:* |
qualcomm | qcs405_firmware | - | cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
qualcomm | qcs605 | - | cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:* |
qualcomm | qcs605_firmware | - | cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd_636 | - | cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:* |
qualcomm | sd_636_firmware | - | cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd_675 | - | cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:* |
qualcomm | sd_675_firmware | - | cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:* |
qualcomm | sd_730 | - | cpe:2.3:h:qualcomm:sd_730:-:*:*:*:*:*:*:* |
qualcomm | sd_730_firmware | - | cpe:2.3:o:qualcomm:sd_730_firmware:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:P/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
AI Score
Confidence
High
EPSS
Percentile
41.9%