1. Home
  2. CVE Database
  3. CVE-2017-18313
MEDIUM · 5.3

CVE-2017-18313

Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is loc...

Vulnerability Description

Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in version MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 617.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
QualcommMsm8909W Firmware-
QualcommMsm8909W-
QualcommSd 210 Firmware-
QualcommSd 210-
QualcommSd 212 Firmware-
QualcommSd 212-
QualcommSd 205 Firmware-
QualcommSd 205-
QualcommSd 410 Firmware-
QualcommSd 410-
QualcommSd 412 Firmware-
QualcommSd 412-
QualcommSd 615 Firmware-
QualcommSd 615-
QualcommSd 616 Firmware-
QualcommSd 616-
QualcommSd 415 Firmware-
QualcommSd 415-
QualcommSd 617 Firmware-
QualcommSd 617-

References

FAQ

What is CVE-2017-18313?

CVE-2017-18313 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is loc...

How severe is CVE-2017-18313?

CVE-2017-18313 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18313?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Msm8909W Firmware, Qualcomm Msm8909W, Qualcomm Sd 210 Firmware, Qualcomm Sd 210, Qualcomm Sd 212 Firmware.