PT-2019-11932 · Qualcomm · Sda660+17

Published

2019-11-21

Updated

2021-07-21

CVE-2019-10563

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description A buffer over-read issue can occur due to improper input validation in the fast message handler when processing a message from firmware. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, and Snapdragon Voice & Music, in specific chipsets such as APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, and SDX24.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-20

Related Identifiers

CVE-2019-10563

Affected Products

Apq8053

Apq8096Au

Msm8996Au

Msm8998

Qcn7605

Qcs405

Qcs605

Sda660

Sdm636

Sdm660

Sdx20

Sdx24

Snapdragon Auto

Snapdragon Consumer Electronics Connectivity

Snapdragon Consumer Iot

Snapdragon Industrial Iot

Snapdragon Mobile

Snapdragon Voice & Music

PT-2019-11932 · Qualcomm · Sda660+17

CVE-2019-10563

Weakness Enumeration

Related Identifiers

Affected Products

References · 2