1. Home
  2. CVE Database
  3. CVE-2018-11932
CRITICAL · 9.1

CVE-2018-11932

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Con...

Vulnerability Description

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130.

CVSS Score

9.1

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
QualcommMdm9650 Firmware-
QualcommMdm9650-
QualcommMdm9655 Firmware-
QualcommMdm9655-
QualcommMsm8996Au Firmware-
QualcommMsm8996Au-
QualcommQcs605 Firmware-
QualcommQcs605-
QualcommSd 410 Firmware-
QualcommSd 410-
QualcommSd 12 Firmware-
QualcommSd 12-
QualcommSd 615 Firmware-
QualcommSd 615-
QualcommSd 16 Firmware-
QualcommSd 16-
QualcommSd 415 Firmware-
QualcommSd 415-
QualcommSd 675 Firmware-
QualcommSd 675-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2018-11932?

CVE-2018-11932 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Con...

How severe is CVE-2018-11932?

CVE-2018-11932 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-11932?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9650 Firmware, Qualcomm Mdm9650, Qualcomm Mdm9655 Firmware, Qualcomm Mdm9655, Qualcomm Msm8996Au Firmware.