CVE-2018-11259

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon (affected versions not specified)

Description The issue is related to improper access control of the NAND-based EFS in Snapdragon products. This allows for the EFS partition to be erased from fastboot on a NAND-based device. As a result, the apps processor gains non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.