1. Home
  2. CVE Database
  3. CVE-2015-9194
HIGH · 7.5

CVE-2015-9194

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 8...

Vulnerability Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
QualcommSd 427 Firmware-
QualcommSd 427-
QualcommSd 435 Firmware-
QualcommSd 435-
QualcommSd 210 Firmware-
QualcommSd 210-
QualcommSd 212 Firmware-
QualcommSd 212-
QualcommSd 205 Firmware-
QualcommSd 205-
QualcommSd 400 Firmware-
QualcommSd 400-
QualcommSd 425 Firmware-
QualcommSd 425-
QualcommSd 430 Firmware-
QualcommSd 430-
QualcommSd 450 Firmware-
QualcommSd 450-
QualcommSd 617 Firmware-
QualcommSd 617-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-9194?

CVE-2015-9194 is a vulnerability with a CVSS score of 7.5 (HIGH). In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 8...

How severe is CVE-2015-9194?

CVE-2015-9194 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-9194?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 427 Firmware, Qualcomm Sd 427, Qualcomm Sd 435 Firmware, Qualcomm Sd 435, Qualcomm Sd 210 Firmware.