Vulnerabilities > CVE-2016-10489 - NULL Pointer Dereference vulnerability in Qualcomm SD 400 Firmware

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
qualcomm
CWE-476
critical

Summary

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.

Vulnerable Configurations

Part Description Count
OS
Qualcomm
1
Hardware
Qualcomm
1

Common Weakness Enumeration (CWE)