// For flags

CVE-2018-5871

 

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much earlier than expected.

En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710 y Snapdragon_High_Med_2016, la aleatorización de direcciones MAC realizada durante las peticiones probe (por razones de privacidad) no se realizó correctamente debido al uso de un RGN con errores, lo cual producía salidas repetidas antes de lo esperado.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-01-19 CVE Reserved
  • 2018-09-20 CVE Published
  • 2024-07-30 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qualcomm
Search vendor "Qualcomm"
Mdm9206 Firmware
Search vendor "Qualcomm" for product "Mdm9206 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9206
Search vendor "Qualcomm" for product "Mdm9206"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9607 Firmware
Search vendor "Qualcomm" for product "Mdm9607 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9607
Search vendor "Qualcomm" for product "Mdm9607"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9640 Firmware
Search vendor "Qualcomm" for product "Mdm9640 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9640
Search vendor "Qualcomm" for product "Mdm9640"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9650 Firmware
Search vendor "Qualcomm" for product "Mdm9650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9650
Search vendor "Qualcomm" for product "Mdm9650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8996au Firmware
Search vendor "Qualcomm" for product "Msm8996au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8996au
Search vendor "Qualcomm" for product "Msm8996au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca6574au Firmware
Search vendor "Qualcomm" for product "Qca6574au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca6574au
Search vendor "Qualcomm" for product "Qca6574au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd210 Firmware
Search vendor "Qualcomm" for product "Sd210 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd210
Search vendor "Qualcomm" for product "Sd210"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd212 Firmware
Search vendor "Qualcomm" for product "Sd212 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd212
Search vendor "Qualcomm" for product "Sd212"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd205 Firmware
Search vendor "Qualcomm" for product "Sd205 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd205
Search vendor "Qualcomm" for product "Sd205"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd425 Firmware
Search vendor "Qualcomm" for product "Sd425 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd425
Search vendor "Qualcomm" for product "Sd425"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd427 Firmware
Search vendor "Qualcomm" for product "Sd427 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd427
Search vendor "Qualcomm" for product "Sd427"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd430 Firmware
Search vendor "Qualcomm" for product "Sd430 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd430
Search vendor "Qualcomm" for product "Sd430"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd435 Firmware
Search vendor "Qualcomm" for product "Sd435 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd435
Search vendor "Qualcomm" for product "Sd435"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd450 Firmware
Search vendor "Qualcomm" for product "Sd450 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd450
Search vendor "Qualcomm" for product "Sd450"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd615 Firmware
Search vendor "Qualcomm" for product "Sd615 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd615
Search vendor "Qualcomm" for product "Sd615"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd616 Firmware
Search vendor "Qualcomm" for product "Sd616 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd616
Search vendor "Qualcomm" for product "Sd616"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd415 Firmware
Search vendor "Qualcomm" for product "Sd415 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd415
Search vendor "Qualcomm" for product "Sd415"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd650 Firmware
Search vendor "Qualcomm" for product "Sd650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd650
Search vendor "Qualcomm" for product "Sd650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd652 Firmware
Search vendor "Qualcomm" for product "Sd652 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd652
Search vendor "Qualcomm" for product "Sd652"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd820a Firmware
Search vendor "Qualcomm" for product "Sd820a Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd820a
Search vendor "Qualcomm" for product "Sd820a"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd835 Firmware
Search vendor "Qualcomm" for product "Sd835 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd835
Search vendor "Qualcomm" for product "Sd835"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd845 Firmware
Search vendor "Qualcomm" for product "Sd845 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd845
Search vendor "Qualcomm" for product "Sd845"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sd850 Firmware
Search vendor "Qualcomm" for product "Sd850 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sd850
Search vendor "Qualcomm" for product "Sd850"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sda660 Firmware
Search vendor "Qualcomm" for product "Sda660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sda660
Search vendor "Qualcomm" for product "Sda660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm429 Firmware
Search vendor "Qualcomm" for product "Sdm429 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm429
Search vendor "Qualcomm" for product "Sdm429"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm439 Firmware
Search vendor "Qualcomm" for product "Sdm439 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm439
Search vendor "Qualcomm" for product "Sdm439"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm630 Firmware
Search vendor "Qualcomm" for product "Sdm630 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm630
Search vendor "Qualcomm" for product "Sdm630"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm632 Firmware
Search vendor "Qualcomm" for product "Sdm632 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm632
Search vendor "Qualcomm" for product "Sdm632"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm636 Firmware
Search vendor "Qualcomm" for product "Sdm636 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm636
Search vendor "Qualcomm" for product "Sdm636"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm660 Firmware
Search vendor "Qualcomm" for product "Sdm660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm660
Search vendor "Qualcomm" for product "Sdm660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm710 Firmware
Search vendor "Qualcomm" for product "Sdm710 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm710
Search vendor "Qualcomm" for product "Sdm710"
--
Safe