Published: 11/02/2019 Updated: 21/02/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM630, SDM660.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qualcomm mdm9607_firmware -
qualcomm mdm9650_firmware -
qualcomm mdm9655_firmware -
qualcomm msm8996au_firmware -
qualcomm sd_210_firmware -
qualcomm sd_212_firmware -
qualcomm sd_205_firmware -
qualcomm sd_410_firmware -
qualcomm sd_412_firmware -
qualcomm sd_636_firmware -
qualcomm sd_820_firmware -
qualcomm sd_820a_firmware -
qualcomm sd_835_firmware -
qualcomm sd_8cx_firmware -
qualcomm sda660_firmware -
qualcomm sdm630_firmware -
qualcomm sdm660_firmware -

CWE-190 https://www.qualcomm.com/company/product-security/bulletins https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-11855

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect