← Voltar para CVEs
CVE-2019-14111
CRITICAL9.8
Descricao
Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, Rennell, SC7180, SC8180X, SM6150, SM7150, SM8150, SXR2130
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado4/16/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
qualcomm:ipq6018qualcomm:ipq6018_firmwarequalcomm:ipq8074qualcomm:ipq8074_firmwarequalcomm:nicobarqualcomm:nicobar_firmwarequalcomm:qca6390qualcomm:qca6390_firmwarequalcomm:qca8081qualcomm:qca8081_firmwarequalcomm:qcn7605qualcomm:qcn7605_firmwarequalcomm:qcs404qualcomm:qcs404_firmwarequalcomm:qcs405qualcomm:qcs405_firmwarequalcomm:rennellqualcomm:rennell_firmwarequalcomm:sc7180qualcomm:sc7180_firmwarequalcomm:sc8180xqualcomm:sc8180x_firmwarequalcomm:sm6150qualcomm:sm6150_firmwarequalcomm:sm7150qualcomm:sm7150_firmwarequalcomm:sm8150qualcomm:sm8150_firmwarequalcomm:sxr2130qualcomm:sxr2130_firmware
Fraquezas (CWE)
CWE-120
Referencias
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.