Vulnerability Description
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ipq6018 Firmware | - |
| Qualcomm | Ipq6018 | - |
| Qualcomm | Kamorta Firmware | - |
| Qualcomm | Kamorta | - |
| Qualcomm | Msm8998 Firmware | - |
| Qualcomm | Msm8998 | - |
| Qualcomm | Nicobar Firmware | - |
| Qualcomm | Nicobar | - |
| Qualcomm | Qcs404 Firmware | - |
| Qualcomm | Qcs404 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Qcs610 Firmware | - |
| Qualcomm | Qcs610 | - |
| Qualcomm | Rennell Firmware | - |
| Qualcomm | Rennell | - |
| Qualcomm | Sa415M Firmware | - |
| Qualcomm | Sa415M | - |
| Qualcomm | Sa6155P Firmware | - |
| Qualcomm | Sa6155P | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-securityVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinBroken Link
FAQ
What is CVE-2019-10562?
CVE-2019-10562 is a vulnerability with a CVSS score of 7.8 (HIGH). u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snap...
How severe is CVE-2019-10562?
CVE-2019-10562 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10562?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ipq6018 Firmware, Qualcomm Ipq6018, Qualcomm Kamorta Firmware, Qualcomm Kamorta, Qualcomm Msm8998 Firmware.