CVE-2017-18308

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Mobile versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430 Qualcomm Snapdragon Wear versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430

Description: The issue affects modem segments in Qualcomm Snapdragon Mobile and Snapdragon Wear, where these segments are unlocked after authentication. This leaves the modem segments open to all, potentially allowing unauthorized access.

Recommendations: For Qualcomm Snapdragon Mobile versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, restrict access to modem segments after authentication to minimize the risk of exploitation. For Qualcomm Snapdragon Wear versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, restrict access to modem segments after authentication to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.