Published: 06/11/2019 Updated: 08/11/2019

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20

Vulnerable Product	Search on Vulmon	Subscribe to Product
qualcomm mdm9150_firmware -
qualcomm mdm9206_firmware -
qualcomm mdm9607_firmware -
qualcomm mdm9615_firmware -
qualcomm mdm9640_firmware -
qualcomm mdm9650_firmware -
qualcomm msm8996au_firmware -
qualcomm qca6174a_firmware -
qualcomm qca6574au_firmware -
qualcomm qca9377_firmware -
qualcomm qca9379_firmware -
qualcomm sd_210_firmware -
qualcomm sd_212_firmware -
qualcomm sd_205_firmware -
qualcomm sd_425_firmware -
qualcomm sd_427_firmware -
qualcomm sd_430_firmware -
qualcomm sd_435_firmware -
qualcomm sd_450_firmware -
qualcomm sd_600_firmware -
qualcomm sd_625_firmware -
qualcomm sd_712_firmware -
qualcomm sd_710_firmware -
qualcomm sd_670_firmware -
qualcomm sd_820_firmware -
qualcomm sd_820a_firmware -
qualcomm sd_845_firmware -
qualcomm sd_850_firmware -
qualcomm sdx20_firmware -

CWE-125 https://source.android.com/security/bulletin/https://nvd.nist.gov

CVE-2019-10542

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect