Vulnerability Description
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 845 Firmware | - |
| Qualcomm | Sd 845 | - |
| Qualcomm | Sd 850 Firmware | - |
| Qualcomm | Sd 850 | - |
| Qualcomm | Sda660 Firmware | - |
| Qualcomm | Sda660 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107681
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2018-11872?
CVE-2018-11872 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660
How severe is CVE-2018-11872?
CVE-2018-11872 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11872?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Sd 845 Firmware, Qualcomm Sd 845, Qualcomm Sd 850 Firmware, Qualcomm Sd 850, Qualcomm Sda660 Firmware.