Vulnerabilities > CVE-2017-18319 - Key Management Errors vulnerability in Qualcomm products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

qualcomm

CWE-320

NVD

Published: 2019-01-03

Updated: 2019-01-10

Summary

Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9206 Firmware - Qualcomm Mdm9607 Firmware - Qualcomm Mdm9615 Firmware - Qualcomm Mdm9625 Firmware - Qualcomm Mdm9635M Firmware - Qualcomm Mdm9645 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Mdm9655 Firmware - Qualcomm Msm8909W Firmware - Qualcomm SD 210 Firmware - Qualcomm SD 212 Firmware - Qualcomm SD 205 Firmware - Qualcomm SD 410 Firmware - Qualcomm SD 412 Firmware - Qualcomm SD 425 Firmware - Qualcomm SD 427 Firmware - Qualcomm SD 430 Firmware - Qualcomm SD 435 Firmware - Qualcomm SD 450 Firmware - Qualcomm SD 615 Firmware - Qualcomm SD 616 Firmware - Qualcomm SD 415 Firmware - Qualcomm SD 625 Firmware - Qualcomm SD 650 Firmware - Qualcomm SD 652 Firmware - Qualcomm SD 800 Firmware - Qualcomm SD 810 Firmware - Qualcomm SD 820 Firmware - Qualcomm SD 835 Firmware - Qualcomm Snapdragon High MED 2016 Firmware -	30
Hardware	Qualcomm Qualcomm Mdm9206 - Qualcomm Mdm9607 - Qualcomm Mdm9615 - Qualcomm Mdm9625 - Qualcomm Mdm9635M - Qualcomm Mdm9645 - Qualcomm Mdm9650 - Qualcomm Mdm9655 - Qualcomm Msm8909W - Qualcomm SD 210 - Qualcomm SD 212 - Qualcomm SD 205 - Qualcomm SD 410 - Qualcomm SD 412 - Qualcomm SD 425 - Qualcomm SD 427 - Qualcomm SD 430 - Qualcomm SD 435 - Qualcomm SD 450 - Qualcomm SD 615 - Qualcomm SD 616 - Qualcomm SD 415 - Qualcomm SD 625 - Qualcomm SD 650 - Qualcomm SD 652 - Qualcomm SD 800 - Qualcomm SD 810 - Qualcomm SD 820 - Qualcomm SD 835 - Qualcomm Snapdragon High MED 2016 -	30

Common Weakness Enumeration (CWE)

CWE-320 - Key Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References