cnvd-2019-28290
Vulnerability from cnvd
Title
Qualcomm WLAN芯片远程代码执行漏洞
Description
Qualcomm WLAN芯片是高通平台处理WLAN/WIFI协议的专用芯片,属于高通Baseband子系统,用于提高WLAN/WIFI处理速度和性能,降低能耗。 Qualcomm WLAN芯片存在远程代码执行漏洞。攻击者可以通过控制WLAN固件,最终导致在服务器上执行任意代码。
Severity
Patch Name
Qualcomm WLAN芯片远程代码执行漏洞的补丁
Patch Description
Qualcomm WLAN芯片是高通平台处理WLAN/WIFI协议的专用芯片,属于高通Baseband子系统,用于提高WLAN/WIFI处理速度和性能,降低能耗。 Qualcomm WLAN芯片存在远程代码执行漏洞。攻击者可以通过控制WLAN固件,最终导致在服务器上执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

用户可参考如下供应商提供的安全公告获得补丁信息: https://www.qualcomm.com/company/product-security/bulletins

Reference
https://www.qualcomm.com/company/product-security/bulletins
Impacted products
Name
['Qualcomm SD 212', 'Qualcomm SD 205', 'Qualcomm SDX20', 'Qualcomm SD 425', 'Qualcomm SD 820A', 'Qualcomm SD 427', 'Qualcomm SD 435', 'Qualcomm SDM630', 'Qualcomm SDM660', 'Qualcomm QCA6584', 'Qualcomm MDM9607', 'Qualcomm SD 845', 'Qualcomm SD 835', 'Qualcomm SD 210', 'Qualcomm SD 850', 'Qualcomm MSM8996AU', 'Qualcomm SD 430', 'Qualcomm SDX24', 'Qualcomm SXR1130', 'Qualcomm MDM9650', 'Qualcomm MDM9640', 'Qualcomm QCA8081', 'Qualcomm IPQ8074', 'Qualcomm SD 632', 'Qualcomm SD 8CX', 'Qualcomm SDM439', 'Qualcomm SD 439', 'Qualcomm SD 636', 'Qualcomm SD 710', 'Qualcomm SD 855', 'Qualcomm QCS605', 'Qualcomm Qualcomm 215', 'Qualcomm QCA9379', 'Qualcomm SD 820', 'Qualcomm SDA660', 'Qualcomm QCA6174A', 'Qualcomm QCA6574AU', 'Qualcomm QCS405', 'Qualcomm SD 427', 'Qualcomm SD 435', 'Qualcomm SD 450', 'Qualcomm SD 675', 'Qualcomm SD 712', 'Qualcomm SD 730', 'Qualcomm SD 665']
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10539"
    }
  },
  "description": "Qualcomm WLAN\u82af\u7247\u662f\u9ad8\u901a\u5e73\u53f0\u5904\u7406WLAN/WIFI\u534f\u8bae\u7684\u4e13\u7528\u82af\u7247\uff0c\u5c5e\u4e8e\u9ad8\u901aBaseband\u5b50\u7cfb\u7edf\uff0c\u7528\u4e8e\u63d0\u9ad8WLAN/WIFI\u5904\u7406\u901f\u5ea6\u548c\u6027\u80fd\uff0c\u964d\u4f4e\u80fd\u8017\u3002\n\nQualcomm WLAN\u82af\u7247\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u63a7\u5236WLAN\u56fa\u4ef6\uff0c\u6700\u7ec8\u5bfc\u81f4\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "\u817e\u8baf\u5b89\u5168\u5e73\u53f0\u90e8Tencent Blade Team",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.qualcomm.com/company/product-security/bulletins",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-28290",
  "openTime": "2019-08-22",
  "patchDescription": "Qualcomm WLAN\u82af\u7247\u662f\u9ad8\u901a\u5e73\u53f0\u5904\u7406WLAN/WIFI\u534f\u8bae\u7684\u4e13\u7528\u82af\u7247\uff0c\u5c5e\u4e8e\u9ad8\u901aBaseband\u5b50\u7cfb\u7edf\uff0c\u7528\u4e8e\u63d0\u9ad8WLAN/WIFI\u5904\u7406\u901f\u5ea6\u548c\u6027\u80fd\uff0c\u964d\u4f4e\u80fd\u8017\u3002\r\n\r\nQualcomm WLAN\u82af\u7247\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u63a7\u5236WLAN\u56fa\u4ef6\uff0c\u6700\u7ec8\u5bfc\u81f4\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Qualcomm WLAN\u82af\u7247\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Qualcomm SD 212",
      "Qualcomm SD 205",
      "Qualcomm SDX20",
      "Qualcomm SD 425",
      "Qualcomm SD 820A",
      "Qualcomm SD 427",
      "Qualcomm SD 435",
      "Qualcomm SDM630",
      "Qualcomm SDM660",
      "Qualcomm QCA6584",
      "Qualcomm MDM9607",
      "Qualcomm SD 845",
      "Qualcomm SD 835",
      "Qualcomm SD 210",
      "Qualcomm SD 850",
      "Qualcomm MSM8996AU",
      "Qualcomm SD 430",
      "Qualcomm SDX24",
      "Qualcomm SXR1130",
      "Qualcomm MDM9650",
      "Qualcomm MDM9640",
      "Qualcomm QCA8081",
      "Qualcomm IPQ8074",
      "Qualcomm SD 632",
      "Qualcomm SD 8CX",
      "Qualcomm SDM439",
      "Qualcomm SD 439",
      "Qualcomm SD 636",
      "Qualcomm SD 710",
      "Qualcomm SD 855",
      "Qualcomm QCS605",
      "Qualcomm Qualcomm 215",
      "Qualcomm QCA9379",
      "Qualcomm SD 820",
      "Qualcomm SDA660",
      "Qualcomm QCA6174A",
      "Qualcomm QCA6574AU",
      "Qualcomm QCS405",
      "Qualcomm SD 427",
      "Qualcomm SD 435",
      "Qualcomm SD 450",
      "Qualcomm SD 675",
      "Qualcomm SD 712",
      "Qualcomm SD 730",
      "Qualcomm SD 665"
    ]
  },
  "referenceLink": "https://www.qualcomm.com/company/product-security/bulletins",
  "serverity": "\u9ad8",
  "submitTime": "2019-08-22",
  "title": "Qualcomm WLAN\u82af\u7247\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.