ID CVE-2019-14116
Summary Privilege escalation by using an altered debug policy image can occur as the XPU protecting the debug policy regions are disabled during the crash dump boot flow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018
References
Vulnerable Configurations
  • cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
confirm https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Last major update 24-08-2020 - 17:37
Published 16-04-2020 - 11:15
Last modified 24-08-2020 - 17:37
Back to Top