CVE-2019-2289

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions (affected versions not specified)

Description The issue is related to a lack of integrity check, allowing the MODEM to accept any NAS messages, which can result in authentication bypass of NAS. This affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables, across multiple chipsets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.