{ "id": "CVE-2019-10481", "sourceIdentifier": "product-security@qualcomm.com", "published": "2019-12-18T06:15:11.080", "lastModified": "2019-12-23T17:10:00.623", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM8150" }, { "lang": "es", "value": "Un acceso fuera del l\u00edmite se presenta mientras se maneja el evento WMI FW debido a una falta de comprobaci\u00f3n del argumento del b\u00fafer que proviene directamente del WLAN FW en los productos Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking en las versiones APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM8150." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2 }, "baseSeverity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-129" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD17C0A3-A200-4659-968B-B2DA03CB683F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1F31FFB-982A-4308-82F8-C2480DABDED8" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A35FECFB-60AE-42A8-BCBB-FEA7D5826D49" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9765187-8653-4D66-B230-B2CE862AC5C0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ABE492A-3755-4969-9DEB-4B85EBB84644" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3D3787B-6ACC-4591-B041-01307ED66C36" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63A748F-2236-4486-83F1-DE4BCBE5D56D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*", "matchCriteriaId": "184F3DFC-27E8-48AC-B46C-C589DBCBF030" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039" } ] } ] } ], "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin", "source": "product-security@qualcomm.com", "tags": [ "Patch", "Vendor Advisory" ] } ] }