CVE-2019-10589
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, MDM9206, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660
Una falta de comprobación de la longitud del búfer de respuesta puede conllevar a un desbordamiento del búfer mientras se maneja el búfer de respuesta del comando GP en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking en versiones APQ8017, APQ8053, APQ8098, MDM9206, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-03-29 CVE Reserved
- 2020-04-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin | 2020-04-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Apq8017 Firmware Search vendor "Qualcomm" for product "Apq8017 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8017 Search vendor "Qualcomm" for product "Apq8017" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8053 Firmware Search vendor "Qualcomm" for product "Apq8053 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8053 Search vendor "Qualcomm" for product "Apq8053" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8098 Firmware Search vendor "Qualcomm" for product "Apq8098 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8098 Search vendor "Qualcomm" for product "Apq8098" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9206 Firmware Search vendor "Qualcomm" for product "Mdm9206 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9206 Search vendor "Qualcomm" for product "Mdm9206" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9607 Firmware Search vendor "Qualcomm" for product "Mdm9607 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9607 Search vendor "Qualcomm" for product "Mdm9607" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8917 Firmware Search vendor "Qualcomm" for product "Msm8917 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8917 Search vendor "Qualcomm" for product "Msm8917" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8920 Firmware Search vendor "Qualcomm" for product "Msm8920 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8920 Search vendor "Qualcomm" for product "Msm8920" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8937 Firmware Search vendor "Qualcomm" for product "Msm8937 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8937 Search vendor "Qualcomm" for product "Msm8937" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8940 Firmware Search vendor "Qualcomm" for product "Msm8940 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8940 Search vendor "Qualcomm" for product "Msm8940" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8953 Firmware Search vendor "Qualcomm" for product "Msm8953 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8953 Search vendor "Qualcomm" for product "Msm8953" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8998 Firmware Search vendor "Qualcomm" for product "Msm8998 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8998 Search vendor "Qualcomm" for product "Msm8998" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qm215 Firmware Search vendor "Qualcomm" for product "Qm215 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qm215 Search vendor "Qualcomm" for product "Qm215" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda660 Firmware Search vendor "Qualcomm" for product "Sda660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda660 Search vendor "Qualcomm" for product "Sda660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm429 Firmware Search vendor "Qualcomm" for product "Sdm429 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm429 Search vendor "Qualcomm" for product "Sdm429" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm439 Firmware Search vendor "Qualcomm" for product "Sdm439 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm439 Search vendor "Qualcomm" for product "Sdm439" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm450 Firmware Search vendor "Qualcomm" for product "Sdm450 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm450 Search vendor "Qualcomm" for product "Sdm450" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm630 Firmware Search vendor "Qualcomm" for product "Sdm630 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm630 Search vendor "Qualcomm" for product "Sdm630" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm632 Firmware Search vendor "Qualcomm" for product "Sdm632 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm632 Search vendor "Qualcomm" for product "Sdm632" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm636 Firmware Search vendor "Qualcomm" for product "Sdm636 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm636 Search vendor "Qualcomm" for product "Sdm636" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm660 Firmware Search vendor "Qualcomm" for product "Sdm660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm660 Search vendor "Qualcomm" for product "Sdm660" | - | - |
Safe
|