Vulnerabilities > CVE-2017-18282 - Unspecified vulnerability in Qualcomm products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

qualcomm

NVD

Published: 2018-10-23

Updated: 2019-10-03

Summary

Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9206 Firmware - Qualcomm Mdm9607 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Sd210 Firmware - Qualcomm Sd212 Firmware - Qualcomm Sd205 Firmware - Qualcomm Sd425 Firmware - Qualcomm Sd430 Firmware - Qualcomm Sd450 Firmware - Qualcomm Sd625 Firmware - Qualcomm Sd650 Firmware - Qualcomm Sd652 Firmware - Qualcomm Sd835 Firmware - Qualcomm Sda660 Firmware -	14
Hardware	Qualcomm Qualcomm Mdm9206 - Qualcomm Mdm9607 - Qualcomm Mdm9650 - Qualcomm Sd210 - Qualcomm Sd212 - Qualcomm Sd205 - Qualcomm Sd425 - Qualcomm Sd430 - Qualcomm Sd450 - Qualcomm Sd625 - Qualcomm Sd650 - Qualcomm Sd652 - Qualcomm Sd835 - Qualcomm Sda660 -	14

Summary

Vulnerable Configurations

References