CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
42.7%
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | apq8009_firmware | - | cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8009 | - | cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:* |
qualcomm | apq8017_firmware | - | cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8017 | - | cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:* |
qualcomm | apq8053_firmware | - | cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8053 | - | cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* |
qualcomm | apq8096au_firmware | - | cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8096au | - | cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:* |
qualcomm | csrb31024_firmware | - | cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:* |
qualcomm | csrb31024 | - | cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009, APQ8017, APQ8053, APQ8096AU, CSRB31024, MDM9206, MDM9250, MDM9607, MDM9626, MDM9628, MDM9640, MDM9650, MDM9655, MSM8996AU, QCA4020, QCA4531, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA9367, QCA9369, QCA9377, QCA9379, QCA9886, QCM2290, QCS2290, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD210, SD480, SD690 5G, SD750G, SD765, SD765G, SD768G, SD820, SD821, SD845, SDX20, SDX20M, SDX24, SDX55, SM7250P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3990, WCN3991, WCN3998, WSA8810, WSA8815, WSA8830, WSA8835"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
42.7%