CVE-2019-10624
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130
Mientras se maneja el comando vendor hay un problema de truncamiento de enteros que podría producir un desbordamiento del búfer debido a un tipo de dato int copiado a un tipo de dato u8 en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile en versiones APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-03-29 CVE Reserved
- 2020-04-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-681: Incorrect Conversion between Numeric Types
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin | 2021-07-21 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Apq8096au Firmware Search vendor "Qualcomm" for product "Apq8096au Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8096au Search vendor "Qualcomm" for product "Apq8096au" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8996au Firmware Search vendor "Qualcomm" for product "Msm8996au Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8996au Search vendor "Qualcomm" for product "Msm8996au" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6574au Firmware Search vendor "Qualcomm" for product "Qca6574au Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6574au Search vendor "Qualcomm" for product "Qca6574au" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcn7605 Firmware Search vendor "Qualcomm" for product "Qcn7605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcn7605 Search vendor "Qualcomm" for product "Qcn7605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Rennell Firmware Search vendor "Qualcomm" for product "Rennell Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Rennell Search vendor "Qualcomm" for product "Rennell" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm710 Firmware Search vendor "Qualcomm" for product "Sdm710 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm710 Search vendor "Qualcomm" for product "Sdm710" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55 Firmware Search vendor "Qualcomm" for product "Sdx55 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55 Search vendor "Qualcomm" for product "Sdx55" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7150 Firmware Search vendor "Qualcomm" for product "Sm7150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7150 Search vendor "Qualcomm" for product "Sm7150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8150 Firmware Search vendor "Qualcomm" for product "Sm8150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8150 Search vendor "Qualcomm" for product "Sm8150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8250 Firmware Search vendor "Qualcomm" for product "Sm8250 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8250 Search vendor "Qualcomm" for product "Sm8250" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sxr2130 Firmware Search vendor "Qualcomm" for product "Sxr2130 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sxr2130 Search vendor "Qualcomm" for product "Sxr2130" | - | - |
Safe
|