CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
12.6%
Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | apq8096au_firmware | - | cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:* |
qualcomm | apq8096au | - | cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:* |
qualcomm | mdm9650_firmware | - | cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* |
qualcomm | mdm9650 | - | cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* |
qualcomm | qca6174a_firmware | - | cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* |
qualcomm | qca6174a | - | cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:* |
qualcomm | qca6574au_firmware | - | cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
qualcomm | qca6574au | - | cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* |
qualcomm | qcs603_firmware | - | cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:* |
qualcomm | qcs603 | - | cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8096AU, MDM9650, QCA6174A, QCA6574AU, QCS603, QCS605, Qualcomm215, SD429, SD820, SDM429W, WCD9326, WCD9335, WCD9341, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3980, WCN3990, WSA8810, WSA8815"
}
]
}
]