Published: 30/09/2019 Updated: 02/10/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24

Vulnerable Product	Search on Vulmon	Subscribe to Product
qualcomm msm8909w_firmware -
qualcomm msm8996au_firmware -
qualcomm qcs405_firmware -
qualcomm qcs605_firmware -
qualcomm qualcomm_215_firmware -
qualcomm sd_425_firmware -
qualcomm sd_439_firmware -
qualcomm sd_429_firmware -
qualcomm sd_450_firmware -
qualcomm sd_625_firmware -
qualcomm sd_632_firmware -
qualcomm sd_636_firmware -
qualcomm sd_665_firmware -
qualcomm sd_675_firmware -
qualcomm sd_712_firmware -
qualcomm sd_710_firmware -
qualcomm sd_670_firmware -
qualcomm sd_730_firmware -
qualcomm sd_820a_firmware -
qualcomm sd_845_firmware -
qualcomm sd_850_firmware -
qualcomm sd_855_firmware -
qualcomm sda660_firmware -
qualcomm sdm439_firmware -
qualcomm sdm660_firmware -
qualcomm sdx20_firmware -
qualcomm sdx24_firmware -

It's 2019 – and you can completely pwn millions of Qualcomm-powered Androids over the air

The Register • Shaun Nichols in San Francisco • 06 Aug 2019

Grab security patches now from chip designer, Google Exposed: Lazy Android mobe makers couldn't care less about security

Black Hat It is possible to thoroughly hijack a nearby vulnerable Qualcomm-based Android phone, tablet, or similar gadget, via Wi-Fi, we learned on Monday. This likely affects millions of Android devices. Specifically, the following two security holes, dubbed Qualpwn and found by Tencent's Blade Team, can be leveraged one after the other to potentially take over a handheld: Thus, it is possible for a miscreant to join a nearby wireless network, seek out a vulnerable Qualcomm-powered Android devi...

The Register • Shaun Nichols in San Francisco • 06 Aug 2019

Grab security patches now from chip designer, Google Exposed: Lazy Android mobe makers couldn't care less about security

Black Hat It is possible to thoroughly hijack a nearby vulnerable Qualcomm-based Android phone, tablet, or similar gadget, via Wi-Fi, we learned on Monday. This likely affects millions of Android devices. Specifically, the following two security holes, dubbed Qualpwn and found by Tencent's Blade Team, can be leveraged one after the other to potentially take over a handheld: Thus, it is possible for a miscreant to join a nearby wireless network, seek out a vulnerable Qualcomm-powered Android devi...

CVE-2019-10538

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect