ID CVE-2017-18308
Summary Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430
References
Vulnerable Configurations
  • cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
confirm https://www.qualcomm.com/company/product-security/bulletins
sectrack 1041432
Last major update 03-10-2019 - 00:03
Published 26-10-2018 - 13:29
Last modified 03-10-2019 - 00:03
Back to Top