CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.4%
Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snapdragon Mobile
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | sd_8_gen1_5g_firmware | - | cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* |
qualcomm | sm8475 | - | cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:* |
qualcomm | sm7450_firmware | - | cpe:2.3:o:qualcomm:sm7450_firmware:-:*:*:*:*:*:*:* |
qualcomm | sm7450 | - | cpe:2.3:h:qualcomm:sm7450:-:*:*:*:*:*:*:* |
qualcomm | sm8475_firmware | - | cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:* |
qualcomm | sm8475p_firmware | - | cpe:2.3:o:qualcomm:sm8475p_firmware:-:*:*:*:*:*:*:* |
qualcomm | sm8475p | - | cpe:2.3:h:qualcomm:sm8475p:-:*:*:*:*:*:*:* |
qualcomm | wcd9370_firmware | - | cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* |
qualcomm | wcd9370 | - | cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:* |
qualcomm | wcd9375_firmware | - | cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Connectivity, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "SD 8 Gen1 5G, SM7450, SM8475, SM8475P, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8830, WSA8832, WSA8835"
}
]
}
]
More
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.4%