// For flags

CVE-2017-18124

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

Durante el arranque seguro, se realiza una suma en uint8 ptrs, lo que conduce a un problema de desbordamiento en Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 y SDX20.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-02-05 CVE Reserved
  • 2018-10-26 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qualcomm
Search vendor "Qualcomm"
Fsm9055 Firmware
Search vendor "Qualcomm" for product "Fsm9055 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Fsm9055
Search vendor "Qualcomm" for product "Fsm9055"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq4019 Firmware
Search vendor "Qualcomm" for product "Ipq4019 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq4019
Search vendor "Qualcomm" for product "Ipq4019"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9206 Firmware
Search vendor "Qualcomm" for product "Mdm9206 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9206
Search vendor "Qualcomm" for product "Mdm9206"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9607 Firmware
Search vendor "Qualcomm" for product "Mdm9607 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9607
Search vendor "Qualcomm" for product "Mdm9607"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9625 Firmware
Search vendor "Qualcomm" for product "Mdm9625 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9625
Search vendor "Qualcomm" for product "Mdm9625"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9635m Firmware
Search vendor "Qualcomm" for product "Mdm9635m Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9635m
Search vendor "Qualcomm" for product "Mdm9635m"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9640 Firmware
Search vendor "Qualcomm" for product "Mdm9640 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9640
Search vendor "Qualcomm" for product "Mdm9640"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9645 Firmware
Search vendor "Qualcomm" for product "Mdm9645 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9645
Search vendor "Qualcomm" for product "Mdm9645"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9650 Firmware
Search vendor "Qualcomm" for product "Mdm9650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9650
Search vendor "Qualcomm" for product "Mdm9650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9655 Firmware
Search vendor "Qualcomm" for product "Mdm9655 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9655
Search vendor "Qualcomm" for product "Mdm9655"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8909w Firmware
Search vendor "Qualcomm" for product "Msm8909w Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8909w
Search vendor "Qualcomm" for product "Msm8909w"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8996au Firmware
Search vendor "Qualcomm" for product "Msm8996au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8996au
Search vendor "Qualcomm" for product "Msm8996au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 210 Firmware
Search vendor "Qualcomm" for product "Sd 210 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 210
Search vendor "Qualcomm" for product "Sd 210"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 212 Firmware
Search vendor "Qualcomm" for product "Sd 212 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 212
Search vendor "Qualcomm" for product "Sd 212"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 205 Firmware
Search vendor "Qualcomm" for product "Sd 205 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 205
Search vendor "Qualcomm" for product "Sd 205"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 410 Firmware
Search vendor "Qualcomm" for product "Sd 410 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 410
Search vendor "Qualcomm" for product "Sd 410"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 412 Firmware
Search vendor "Qualcomm" for product "Sd 412 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 412
Search vendor "Qualcomm" for product "Sd 412"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 425 Firmware
Search vendor "Qualcomm" for product "Sd 425 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 425
Search vendor "Qualcomm" for product "Sd 425"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 430 Firmware
Search vendor "Qualcomm" for product "Sd 430 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 430
Search vendor "Qualcomm" for product "Sd 430"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 450 Firmware
Search vendor "Qualcomm" for product "Sd 450 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 450
Search vendor "Qualcomm" for product "Sd 450"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 615 Firmware
Search vendor "Qualcomm" for product "Sd 615 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 615
Search vendor "Qualcomm" for product "Sd 615"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 616 Firmware
Search vendor "Qualcomm" for product "Sd 616 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 616
Search vendor "Qualcomm" for product "Sd 616"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 415 Firmware
Search vendor "Qualcomm" for product "Sd 415 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 415
Search vendor "Qualcomm" for product "Sd 415"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 617 Firmware
Search vendor "Qualcomm" for product "Sd 617 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 617
Search vendor "Qualcomm" for product "Sd 617"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 625 Firmware
Search vendor "Qualcomm" for product "Sd 625 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 625
Search vendor "Qualcomm" for product "Sd 625"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 650 Firmware
Search vendor "Qualcomm" for product "Sd 650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 650
Search vendor "Qualcomm" for product "Sd 650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 652 Firmware
Search vendor "Qualcomm" for product "Sd 652 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 652
Search vendor "Qualcomm" for product "Sd 652"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 800 Firmware
Search vendor "Qualcomm" for product "Sd 800 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 800
Search vendor "Qualcomm" for product "Sd 800"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 810 Firmware
Search vendor "Qualcomm" for product "Sd 810 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 810
Search vendor "Qualcomm" for product "Sd 810"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 820 Firmware
Search vendor "Qualcomm" for product "Sd 820 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 820
Search vendor "Qualcomm" for product "Sd 820"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 820a Firmware
Search vendor "Qualcomm" for product "Sd 820a Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 820a
Search vendor "Qualcomm" for product "Sd 820a"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 835 Firmware
Search vendor "Qualcomm" for product "Sd 835 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 835
Search vendor "Qualcomm" for product "Sd 835"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 845 Firmware
Search vendor "Qualcomm" for product "Sd 845 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 845
Search vendor "Qualcomm" for product "Sd 845"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd 850 Firmware
Search vendor "Qualcomm" for product "Sd 850 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd 850
Search vendor "Qualcomm" for product "Sd 850"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sda660 Firmware
Search vendor "Qualcomm" for product "Sda660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sda660
Search vendor "Qualcomm" for product "Sda660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx20 Firmware
Search vendor "Qualcomm" for product "Sdx20 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx20
Search vendor "Qualcomm" for product "Sdx20"
--
Safe