Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-14045

Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130

Published

2020-03-05T09:15:17.063

Last Modified

2024-11-21T04:25:58.410

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-120
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System qualcomm apq8096au_firmware - Yes
Hardware qualcomm apq8096au - No
Operating System qualcomm qcs605_firmware - Yes
Hardware qualcomm qcs605 - No
Operating System qualcomm sdm439_firmware - Yes
Hardware qualcomm sdm439 - No
Operating System qualcomm sm8150_firmware - Yes
Hardware qualcomm sm8150 - No
Operating System qualcomm sxr1130_firmware - Yes
Hardware qualcomm sxr1130 - No
References