Vulnerabilities > CVE-2017-18312 - Missing Authorization vulnerability in Qualcomm products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD 820A
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 9 | |
| Hardware | 9 |