1. Home
  2. CVE Database
  3. CVE-2019-10481
HIGH · 7.8

CVE-2019-10481

Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivit...

Vulnerability Description

Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM8150

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommApq8096Au Firmware-
QualcommApq8096Au-
QualcommIpq4019 Firmware-
QualcommIpq4019-
QualcommIpq8064 Firmware-
QualcommIpq8064-
QualcommIpq8074 Firmware-
QualcommIpq8074-
QualcommMdm9607 Firmware-
QualcommMdm9607-
QualcommMsm8996Au Firmware-
QualcommMsm8996Au-
QualcommQca6574Au Firmware-
QualcommQca6574Au-
QualcommQca8081 Firmware-
QualcommQca8081-
QualcommQcn7605 Firmware-
QualcommQcn7605-
QualcommSdx55 Firmware-
QualcommSdx55-

Related Weaknesses (CWE)

CWE-129

References

FAQ

What is CVE-2019-10481?

CVE-2019-10481 is a vulnerability with a CVSS score of 7.8 (HIGH). Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivit...

How severe is CVE-2019-10481?

CVE-2019-10481 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-10481?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8096Au Firmware, Qualcomm Apq8096Au, Qualcomm Ipq4019 Firmware, Qualcomm Ipq4019, Qualcomm Ipq8064 Firmware.