Vulnerabilities > CVE-2018-13898 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

qualcomm

CWE-787

NVD

Published: 2019-06-14

Updated: 2019-06-18

Summary

Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9150 Firmware - Qualcomm Mdm9206 Firmware - Qualcomm Mdm9607 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Mdm9655 Firmware - Qualcomm Qcs405 Firmware - Qualcomm Qcs605 Firmware - Qualcomm Qualcomm 215 Firmware - Qualcomm SD 210 Firmware - Qualcomm SD 212 Firmware - Qualcomm SD 205 Firmware - Qualcomm SD 410 Firmware - Qualcomm SD 412 Firmware - Qualcomm SD 425 Firmware - Qualcomm SD 427 Firmware - Qualcomm SD 430 Firmware - Qualcomm SD 435 Firmware - Qualcomm SD 439 Firmware - Qualcomm SD 429 Firmware - Qualcomm SD 450 Firmware - Qualcomm SD 625 Firmware - Qualcomm SD 632 Firmware - Qualcomm SD 636 Firmware - Qualcomm SD 675 Firmware - Qualcomm SD 712 Firmware - Qualcomm SD 710 Firmware - Qualcomm SD 670 Firmware - Qualcomm SD 730 Firmware - Qualcomm SD 835 Firmware - Qualcomm SD 845 Firmware - Qualcomm SD 850 Firmware - Qualcomm SD 855 Firmware - Qualcomm SD 8CX Firmware - Qualcomm Sda660 Firmware - Qualcomm Sdm439 Firmware - Qualcomm Sdm630 Firmware - Qualcomm Sdm660 Firmware - Qualcomm Sdx24 Firmware - Qualcomm Snapdragon High MED 2016 Firmware - Qualcomm Sxr1130 Firmware -	40
Hardware	Qualcomm Qualcomm Mdm9150 - Qualcomm Mdm9206 - Qualcomm Mdm9607 - Qualcomm Mdm9650 - Qualcomm Mdm9655 - Qualcomm Qcs405 - Qualcomm Qcs605 - Qualcomm Qualcomm 215 - Qualcomm SD 210 - Qualcomm SD 212 - Qualcomm SD 205 - Qualcomm SD 410 - Qualcomm SD 412 - Qualcomm SD 425 - Qualcomm SD 427 - Qualcomm SD 430 - Qualcomm SD 435 - Qualcomm SD 439 - Qualcomm SD 429 - Qualcomm SD 450 - Qualcomm SD 625 - Qualcomm SD 632 - Qualcomm SD 636 - Qualcomm SD 675 - Qualcomm SD 712 - Qualcomm SD 710 - Qualcomm SD 670 - Qualcomm SD 730 - Qualcomm SD 835 - Qualcomm SD 845 - Qualcomm SD 850 - Qualcomm SD 855 - Qualcomm SD 8CX - Qualcomm Sda660 - Qualcomm Sdm439 - Qualcomm Sdm630 - Qualcomm Sdm660 - Qualcomm Sdx24 - Qualcomm Snapdragon High MED 2016 - Qualcomm Sxr1130 -	40

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.qualcomm.com/company/product-security/bulletins