CVE-2019-2346
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS404, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660
El firmware se está metiendo en el bucle de la memoria de sobrescritura cuando el comando de escaneo se proporciona desde el host debido a una validación incorrecta en Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS404, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-10 CVE Reserved
- 2019-07-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-129: Improper Validation of Array Index
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins | 2019-07-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Ipq8074 Firmware Search vendor "Qualcomm" for product "Ipq8074 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Ipq8074 Search vendor "Qualcomm" for product "Ipq8074" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca8081 Firmware Search vendor "Qualcomm" for product "Qca8081 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca8081 Search vendor "Qualcomm" for product "Qca8081" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs404 Firmware Search vendor "Qualcomm" for product "Qcs404 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs404 Search vendor "Qualcomm" for product "Qcs404" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs405 Firmware Search vendor "Qualcomm" for product "Qcs405 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs405 Search vendor "Qualcomm" for product "Qcs405" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 425 Firmware Search vendor "Qualcomm" for product "Sd 425 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 425 Search vendor "Qualcomm" for product "Sd 425" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 427 Firmware Search vendor "Qualcomm" for product "Sd 427 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 427 Search vendor "Qualcomm" for product "Sd 427" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 430 Firmware Search vendor "Qualcomm" for product "Sd 430 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 430 Search vendor "Qualcomm" for product "Sd 430" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 435 Firmware Search vendor "Qualcomm" for product "Sd 435 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 435 Search vendor "Qualcomm" for product "Sd 435" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 450 Firmware Search vendor "Qualcomm" for product "Sd 450 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 450 Search vendor "Qualcomm" for product "Sd 450" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 625 Firmware Search vendor "Qualcomm" for product "Sd 625 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 625 Search vendor "Qualcomm" for product "Sd 625" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 636 Firmware Search vendor "Qualcomm" for product "Sd 636 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 636 Search vendor "Qualcomm" for product "Sd 636" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 712 Firmware Search vendor "Qualcomm" for product "Sd 712 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 712 Search vendor "Qualcomm" for product "Sd 712" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 710 Firmware Search vendor "Qualcomm" for product "Sd 710 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 710 Search vendor "Qualcomm" for product "Sd 710" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 670 Firmware Search vendor "Qualcomm" for product "Sd 670 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 670 Search vendor "Qualcomm" for product "Sd 670" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 820 Firmware Search vendor "Qualcomm" for product "Sd 820 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 820 Search vendor "Qualcomm" for product "Sd 820" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 835 Firmware Search vendor "Qualcomm" for product "Sd 835 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 835 Search vendor "Qualcomm" for product "Sd 835" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 845 Firmware Search vendor "Qualcomm" for product "Sd 845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 845 Search vendor "Qualcomm" for product "Sd 845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 850 Firmware Search vendor "Qualcomm" for product "Sd 850 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 850 Search vendor "Qualcomm" for product "Sd 850" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 855 Firmware Search vendor "Qualcomm" for product "Sd 855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 855 Search vendor "Qualcomm" for product "Sd 855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 8cx Firmware Search vendor "Qualcomm" for product "Sd 8cx Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 8cx Search vendor "Qualcomm" for product "Sd 8cx" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda660 Firmware Search vendor "Qualcomm" for product "Sda660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda660 Search vendor "Qualcomm" for product "Sda660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm630 Firmware Search vendor "Qualcomm" for product "Sdm630 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm630 Search vendor "Qualcomm" for product "Sdm630" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm660 Firmware Search vendor "Qualcomm" for product "Sdm660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm660 Search vendor "Qualcomm" for product "Sdm660" | - | - |
Safe
|