PT-2019-8039 · Qualcomm · Qualcomm Snapdragon Mobile

Published

2019-05-06

Updated

2019-10-03

CVE-2017-15841

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Mobile versions SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835

Description The issue occurs when the HOST sends a Special command ID packet, triggering a RAM Dump and firmware reset in the affected Qualcomm Snapdragon Mobile versions.

Recommendations For versions SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, consider restricting access to the Special command ID packet to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-15841

Affected Products

Qualcomm Snapdragon Mobile

PT-2019-8039 · Qualcomm · Qualcomm Snapdragon Mobile

CVE-2017-15841

Related Identifiers

Affected Products

References · 2