CVE-2019-14053
Severity Score
7.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Cuando se intenta crear una nueva política XFRM, una lectura de la pila fuera de límites ocurrirá si el usuario proporciona una plantilla donde el modo se establece en un valor que no se resuelve en un modo XFRM válido en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking en las versiones APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-07-19 CVE Reserved
- 2020-06-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin | 2020-06-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Apq8009 Firmware Search vendor "Qualcomm" for product "Apq8009 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8009 Search vendor "Qualcomm" for product "Apq8009" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8053 Firmware Search vendor "Qualcomm" for product "Apq8053 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8053 Search vendor "Qualcomm" for product "Apq8053" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8096au Firmware Search vendor "Qualcomm" for product "Apq8096au Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8096au Search vendor "Qualcomm" for product "Apq8096au" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8098 Firmware Search vendor "Qualcomm" for product "Apq8098 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8098 Search vendor "Qualcomm" for product "Apq8098" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Ipq4019 Firmware Search vendor "Qualcomm" for product "Ipq4019 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Ipq4019 Search vendor "Qualcomm" for product "Ipq4019" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Ipq8074 Firmware Search vendor "Qualcomm" for product "Ipq8074 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Ipq8074 Search vendor "Qualcomm" for product "Ipq8074" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9206 Firmware Search vendor "Qualcomm" for product "Mdm9206 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9206 Search vendor "Qualcomm" for product "Mdm9206" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9207c Firmware Search vendor "Qualcomm" for product "Mdm9207c Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9207c Search vendor "Qualcomm" for product "Mdm9207c" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9607 Firmware Search vendor "Qualcomm" for product "Mdm9607 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9607 Search vendor "Qualcomm" for product "Mdm9607" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9640 Firmware Search vendor "Qualcomm" for product "Mdm9640 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9640 Search vendor "Qualcomm" for product "Mdm9640" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Mdm9650 Firmware Search vendor "Qualcomm" for product "Mdm9650 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Mdm9650 Search vendor "Qualcomm" for product "Mdm9650" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8905 Firmware Search vendor "Qualcomm" for product "Msm8905 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8905 Search vendor "Qualcomm" for product "Msm8905" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8909w Firmware Search vendor "Qualcomm" for product "Msm8909w Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8909w Search vendor "Qualcomm" for product "Msm8909w" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8917 Firmware Search vendor "Qualcomm" for product "Msm8917 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8917 Search vendor "Qualcomm" for product "Msm8917" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8953 Firmware Search vendor "Qualcomm" for product "Msm8953 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8953 Search vendor "Qualcomm" for product "Msm8953" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Msm8996au Firmware Search vendor "Qualcomm" for product "Msm8996au Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8996au Search vendor "Qualcomm" for product "Msm8996au" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca4531 Firmware Search vendor "Qualcomm" for product "Qca4531 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca4531 Search vendor "Qualcomm" for product "Qca4531" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcn7605 Firmware Search vendor "Qualcomm" for product "Qcn7605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcn7605 Search vendor "Qualcomm" for product "Qcn7605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qm215 Firmware Search vendor "Qualcomm" for product "Qm215 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qm215 Search vendor "Qualcomm" for product "Qm215" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa415m Firmware Search vendor "Qualcomm" for product "Sa415m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa415m Search vendor "Qualcomm" for product "Sa415m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda660 Firmware Search vendor "Qualcomm" for product "Sda660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda660 Search vendor "Qualcomm" for product "Sda660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda845 Firmware Search vendor "Qualcomm" for product "Sda845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda845 Search vendor "Qualcomm" for product "Sda845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm429 Firmware Search vendor "Qualcomm" for product "Sdm429 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm429 Search vendor "Qualcomm" for product "Sdm429" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm429w Firmware Search vendor "Qualcomm" for product "Sdm429w Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm429w Search vendor "Qualcomm" for product "Sdm429w" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm439 Firmware Search vendor "Qualcomm" for product "Sdm439 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm439 Search vendor "Qualcomm" for product "Sdm439" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm450 Firmware Search vendor "Qualcomm" for product "Sdm450 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm450 Search vendor "Qualcomm" for product "Sdm450" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm630 Firmware Search vendor "Qualcomm" for product "Sdm630 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm630 Search vendor "Qualcomm" for product "Sdm630" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm632 Firmware Search vendor "Qualcomm" for product "Sdm632 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm632 Search vendor "Qualcomm" for product "Sdm632" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm636 Firmware Search vendor "Qualcomm" for product "Sdm636 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm636 Search vendor "Qualcomm" for product "Sdm636" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm660 Firmware Search vendor "Qualcomm" for product "Sdm660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm660 Search vendor "Qualcomm" for product "Sdm660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm845 Firmware Search vendor "Qualcomm" for product "Sdm845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm845 Search vendor "Qualcomm" for product "Sdm845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx20 Firmware Search vendor "Qualcomm" for product "Sdx20 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx20 Search vendor "Qualcomm" for product "Sdx20" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx24 Firmware Search vendor "Qualcomm" for product "Sdx24 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx24 Search vendor "Qualcomm" for product "Sdx24" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55 Firmware Search vendor "Qualcomm" for product "Sdx55 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55 Search vendor "Qualcomm" for product "Sdx55" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6150 Firmware Search vendor "Qualcomm" for product "Sm6150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6150 Search vendor "Qualcomm" for product "Sm6150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7150 Firmware Search vendor "Qualcomm" for product "Sm7150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7150 Search vendor "Qualcomm" for product "Sm7150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8150 Firmware Search vendor "Qualcomm" for product "Sm8150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8150 Search vendor "Qualcomm" for product "Sm8150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8250 Firmware Search vendor "Qualcomm" for product "Sm8250 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8250 Search vendor "Qualcomm" for product "Sm8250" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sxr2130 Firmware Search vendor "Qualcomm" for product "Sxr2130 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sxr2130 Search vendor "Qualcomm" for product "Sxr2130" | - | - |
Safe
|