CVE-2019-2281
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
25/07/2019
Last modified:
24/08/2020
Description
An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX24, SXR1130
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_665_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_665:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page