Vulnerability Description
AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9635M Firmware | - |
| Qualcomm | Mdm9635M | - |
| Qualcomm | Mdm9645 Firmware | - |
| Qualcomm | Mdm9645 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Mdm9655 Firmware | - |
| Qualcomm | Mdm9655 | - |
| Qualcomm | Msm8909W Firmware | - |
| Qualcomm | Msm8909W | - |
| Qualcomm | Sd 835 Firmware | - |
| Qualcomm | Sd 835 | - |
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106128Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/106128Third Party AdvisoryVDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2017-18160?
CVE-2017-18160 is a vulnerability with a CVSS score of 9.8 (CRITICAL). AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM89...
How severe is CVE-2017-18160?
CVE-2017-18160 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-18160?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9635M Firmware, Qualcomm Mdm9635M, Qualcomm Mdm9645 Firmware, Qualcomm Mdm9645, Qualcomm Mdm9650 Firmware.