var-201912-1755
Vulnerability from variot
Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product.
A buffer overflow vulnerability exists in the Multi-mode Call processor in multiple Qualcomm products. This vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in the execution of an incorrect For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1755",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "msm8909",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8953",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sc8180x",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8917",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8998",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm429",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx24",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9615",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm450",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm710",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9645",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm660",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9655",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9640",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8940",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sxr1130",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcm2150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm8150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx55",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sda845",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm636",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8996au",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9625",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm7150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs605",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sm6150",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm632",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm670",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9650",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm630",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm850",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "qm215",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdm439",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "nicobar",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8909w",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8905",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9635m",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8920",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "sdx20",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8937",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm8939",
"scope": "eq",
"trust": 1.0,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8009",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8017",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8053",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8096au",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq8098",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9150",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9205",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9206",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm9607",
"scope": null,
"trust": 0.8,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8017"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8053"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8009"
},
{
"model": "apq 8096au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8098"
},
{
"model": "apq",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8096"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9150"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9607"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9206"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9640"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9205"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9615"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9625"
},
{
"model": "mdm 9635m",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9655"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9645"
},
{
"model": "mdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "9650"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8909"
},
{
"model": "msm 8996au",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm 8909w",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8998"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8905"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8917"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8920"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8937"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8939"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8940"
},
{
"model": "msm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8953"
},
{
"model": "nicobar",
"scope": null,
"trust": 0.6,
"vendor": "qualcomm",
"version": null
},
{
"model": "qcs",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "605"
},
{
"model": "qm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "215"
},
{
"model": "sc",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8180x"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sda",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "439"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "630"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "660"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "636"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "670"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "710"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "845"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "850"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "429"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "450"
},
{
"model": "sdm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "632"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "24"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "20"
},
{
"model": "sdx",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "55"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "6150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "7150"
},
{
"model": "sm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "8150"
},
{
"model": "sxr",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "1130"
},
{
"model": "qcm",
"scope": "eq",
"trust": 0.6,
"vendor": "qualcomm",
"version": "2150"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:apq8009_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8017_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8053_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8096au_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:apq8098_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9205_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9206_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:qualcomm:mdm9607_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
}
]
},
"cve": "CVE-2019-10487",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10487",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-03580",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10487",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10487",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10487",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10487",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-03580",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-105",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Qualcomm MDM9206 and so on are the products of American Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. MDM9640 is a central processing unit (CPU) product. \n\r\n\r\nA buffer overflow vulnerability exists in the Multi-mode Call processor in multiple Qualcomm products. This vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in the execution of an incorrect For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10487"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNVD",
"id": "CNVD-2020-03580"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10487",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03580",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"id": "VAR-201912-1755",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
}
]
},
"last_update_date": "2024-11-23T22:25:39.045000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2019 Security Bulletin",
"trust": 0.8,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"title": "Patch for Multiple Qualcomm Product Buffer Overflow Vulnerabilities (CNVD-2020-03580)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/198863"
},
{
"title": "Multiple Qualcomm Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105733"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10487"
},
{
"trust": 1.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10487"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2019-31041"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"date": "2019-12-18T06:15:11.283000",
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03580"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013401"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-105"
},
{
"date": "2024-11-21T04:19:15.397000",
"db": "NVD",
"id": "CVE-2019-10487"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Snapdragon Product out-of-bounds vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-105"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…