// For flags

CVE-2019-10595

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Una posible sobrescritura del búfer en el manejador de mensajes debido a una falta de comprobación del valor de tid calculado a partir de los paquetes recibidos desde el firmware en los productos Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking en las versiones APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-03-29 CVE Reserved
  • 2019-12-18 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qualcomm
Search vendor "Qualcomm"
Apq8009 Firmware
Search vendor "Qualcomm" for product "Apq8009 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8009
Search vendor "Qualcomm" for product "Apq8009"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8053 Firmware
Search vendor "Qualcomm" for product "Apq8053 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8053
Search vendor "Qualcomm" for product "Apq8053"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8064 Firmware
Search vendor "Qualcomm" for product "Apq8064 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8064
Search vendor "Qualcomm" for product "Apq8064"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Apq8096au Firmware
Search vendor "Qualcomm" for product "Apq8096au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Apq8096au
Search vendor "Qualcomm" for product "Apq8096au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq4019 Firmware
Search vendor "Qualcomm" for product "Ipq4019 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq4019
Search vendor "Qualcomm" for product "Ipq4019"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Ipq8064 Firmware
Search vendor "Qualcomm" for product "Ipq8064 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Ipq8064
Search vendor "Qualcomm" for product "Ipq8064"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9206 Firmware
Search vendor "Qualcomm" for product "Mdm9206 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9206
Search vendor "Qualcomm" for product "Mdm9206"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9207c Firmware
Search vendor "Qualcomm" for product "Mdm9207c Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9207c
Search vendor "Qualcomm" for product "Mdm9207c"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9607 Firmware
Search vendor "Qualcomm" for product "Mdm9607 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9607
Search vendor "Qualcomm" for product "Mdm9607"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9615 Firmware
Search vendor "Qualcomm" for product "Mdm9615 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9615
Search vendor "Qualcomm" for product "Mdm9615"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9640 Firmware
Search vendor "Qualcomm" for product "Mdm9640 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9640
Search vendor "Qualcomm" for product "Mdm9640"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Mdm9650 Firmware
Search vendor "Qualcomm" for product "Mdm9650 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Mdm9650
Search vendor "Qualcomm" for product "Mdm9650"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8909 Firmware
Search vendor "Qualcomm" for product "Msm8909 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8909
Search vendor "Qualcomm" for product "Msm8909"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8909 Firmware
Search vendor "Qualcomm" for product "Msm8909 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8909
Search vendor "Qualcomm" for product "Msm8909"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8939 Firmware
Search vendor "Qualcomm" for product "Msm8939 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8939
Search vendor "Qualcomm" for product "Msm8939"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Msm8996au Firmware
Search vendor "Qualcomm" for product "Msm8996au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Msm8996au
Search vendor "Qualcomm" for product "Msm8996au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca4531 Firmware
Search vendor "Qualcomm" for product "Qca4531 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca4531
Search vendor "Qualcomm" for product "Qca4531"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca6174a Firmware
Search vendor "Qualcomm" for product "Qca6174a Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca6174a
Search vendor "Qualcomm" for product "Qca6174a"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca6574au Firmware
Search vendor "Qualcomm" for product "Qca6574au Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca6574au
Search vendor "Qualcomm" for product "Qca6574au"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9377 Firmware
Search vendor "Qualcomm" for product "Qca9377 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9377
Search vendor "Qualcomm" for product "Qca9377"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9379 Firmware
Search vendor "Qualcomm" for product "Qca9379 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9379
Search vendor "Qualcomm" for product "Qca9379"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9558 Firmware
Search vendor "Qualcomm" for product "Qca9558 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9558
Search vendor "Qualcomm" for product "Qca9558"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9880 Firmware
Search vendor "Qualcomm" for product "Qca9880 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9880
Search vendor "Qualcomm" for product "Qca9880"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9886 Firmware
Search vendor "Qualcomm" for product "Qca9886 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9886
Search vendor "Qualcomm" for product "Qca9886"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Qca9980 Firmware
Search vendor "Qualcomm" for product "Qca9980 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Qca9980
Search vendor "Qualcomm" for product "Qca9980"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sda660 Firmware
Search vendor "Qualcomm" for product "Sda660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sda660
Search vendor "Qualcomm" for product "Sda660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm630 Firmware
Search vendor "Qualcomm" for product "Sdm630 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm630
Search vendor "Qualcomm" for product "Sdm630"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm636 Firmware
Search vendor "Qualcomm" for product "Sdm636 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm636
Search vendor "Qualcomm" for product "Sdm636"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdm660 Firmware
Search vendor "Qualcomm" for product "Sdm660 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdm660
Search vendor "Qualcomm" for product "Sdm660"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx20 Firmware
Search vendor "Qualcomm" for product "Sdx20 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx20
Search vendor "Qualcomm" for product "Sdx20"
--
Safe
Qualcomm
Search vendor "Qualcomm"
Sdx24 Firmware
Search vendor "Qualcomm" for product "Sdx24 Firmware"
--
Affected
in Qualcomm
Search vendor "Qualcomm"
Sdx24
Search vendor "Qualcomm" for product "Sdx24"
--
Safe