Published: 04/04/2019 Updated: 07/04/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Qualcomm Snapdragon products could allow a remote malicious user to execute arbitrary code on the system, caused by an integer overflow in the QCPE create function. By sending a specially-crafted request, an attacker could overflow a buffer and execute arbitrary code on the system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm mdm9206_firmware -

qualcomm mdm9607_firmware -

qualcomm mdm9650_firmware -

qualcomm mdm9655_firmware -

qualcomm msm8996au_firmware -

qualcomm sd_410_firmware -

qualcomm sd_412_firmware -

qualcomm sd_820a_firmware -