2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2017-18280" ,
"sourceIdentifier" : "product-security@qualcomm.com" ,
"published" : "2018-09-20T13:29:00.247" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T03:19:45.513" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function."
} ,
{
"lang" : "es" ,
"value" : "En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632 y Snapdragon_High_Med_2016, cuando una aplicaci\u00f3n de confianza abre la interfaz SPI/I2C a un dispositivo en concreto, es posible para otra aplicaci\u00f3n de confianza leer los datos de esta interfaz abierta llamando a la funci\u00f3n read de SPI/I2C."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.2 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "LOCAL" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9765187-8653-4D66-B230-B2CE862AC5C0"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE28A59C-7AA6-4B85-84E8-07852B96108E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5DEE828B-09A7-4AC1-8134-491A7C87C118"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CA1E7B0-782B-4757-B118-802943798984"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "95CB08EC-AE12-4A54-AA3C-998F01FC8763"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7D6D6965-B5B2-46D2-8718-43B7B22441C0"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E75C7497-A7DC-436B-BACD-71F69D99517D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AC3A8D2-2860-4A34-B9A8-0077263E4563"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd212:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B67ABF7B-5719-4C99-87C4-75499E98A281"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "47AB5135-6391-45C1-81DE-803E3834F196"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FCEF246C-6B39-4DC2-81B0-040DCAAD5177"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BC5ECC0E-0120-47E5-9D00-440DC38F2C0B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "352E745F-375B-43AE-9B29-8A2D50C695B4"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C9CDD792-89BC-4A7B-A971-4C04663E62A7"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "64D6ACA2-47C7-4E44-A838-22600B5BC52E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F6652C54-B207-4816-B70D-5DD2C792D1DF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FD3B99CC-CC53-42A6-9C42-0C06E734A554"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7C2951AF-E04B-433B-B327-03D8D28B2BDE"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "084BB475-8F09-408E-AF1C-D0CA4DD8D414"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BF6EA9F3-ED14-4DAC-93D1-2DF63C7C3EAC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C4EF0B75-2431-4E44-B515-11C9BD4BC982"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F3D690E-908B-49DF-8341-9CFAE6DF5E44"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd617:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "274F8FC2-F564-4D87-B259-6AB5E035E73E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7C5E72A3-2117-4190-978F-EFB4DDE4EC9F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd625:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AD2EEF23-73EB-49AE-B9F1-4702D545D643"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3A83A1CF-396D-403F-AA22-0ED817DD384B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "21AEAA09-3C1B-4413-8418-63644DB3FABA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E6C536B0-32E9-42D0-B298-B4D77CC94914"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8F81E096-820A-4B27-A539-5D3BA39FA5C9"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BC508C49-0B76-43A8-B2AF-0F8EB989E238"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9665200-D306-4EEB-9F42-6C5963524179"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CB757118-0F90-4E6E-AD4F-A05A5791B20C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd820a:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BCD9420-26A7-4444-9AA4-D7B0AC42FA84"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9DA605FD-B801-43BB-B52D-879013F7F57E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "908BFD96-0423-4AFC-B8F3-105B2D5B4C73"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9DFD2C9A-6C25-4B8F-BE64-DAD3DCCDEADD"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8DE61FCE-CA87-46E1-981D-B44697E54CB1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "84289E6D-DA2A-4D04-9DDA-E8C46DDDD056"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C0B56360-7AC3-410A-B7F8-1BE8514B3781"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A02E12AC-F845-4164-9D95-ACD7167B6DD6"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "321F7DE7-E6E9-449F-867B-04A9F53334B0"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://www.securitytracker.com/id/1041432" ,
"source" : "product-security@qualcomm.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components" ,
"source" : "product-security@qualcomm.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://www.qualcomm.com/company/product-security/bulletins" ,
"source" : "product-security@qualcomm.com" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://www.securitytracker.com/id/1041432" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://www.qualcomm.com/company/product-security/bulletins" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
