PT-2018-6825 · Qualcomm · Qualcomm Snapdragon Wear+1
Published
2018-10-26
·
Updated
2019-10-03
·
CVE-2017-18308
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Qualcomm Snapdragon Mobile versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430
Qualcomm Snapdragon Wear versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430
Description:
The issue affects modem segments in Qualcomm Snapdragon Mobile and Snapdragon Wear, where these segments are unlocked after authentication. This leaves the modem segments open to all, potentially allowing unauthorized access.
Recommendations:
For Qualcomm Snapdragon Mobile versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, restrict access to modem segments after authentication to minimize the risk of exploitation.
For Qualcomm Snapdragon Wear versions MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, restrict access to modem segments after authentication to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Qualcomm Snapdragon Mobile
Qualcomm Snapdragon Wear