CVE-2019-10596 — HIGH (7.8)

Vulnerability Description

u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	Bitra Firmware	-
Qualcomm	Bitra	-
Qualcomm	Nicobar Firmware	-
Qualcomm	Nicobar	-
Qualcomm	Qcs605 Firmware	-
Qualcomm	Qcs605	-
Qualcomm	Qcs610 Firmware	-
Qualcomm	Qcs610	-
Qualcomm	Rennell Firmware	-
Qualcomm	Rennell	-
Qualcomm	Sa6155P Firmware	-
Qualcomm	Sa6155P	-
Qualcomm	Saipan Firmware	-
Qualcomm	Saipan	-
Qualcomm	Sc7180 Firmware	-
Qualcomm	Sc7180	-
Qualcomm	Sc8180X Firmware	-
Qualcomm	Sc8180X	-
Qualcomm	Sdm670 Firmware	-
Qualcomm	Sdm670	-

References

FAQ

What is CVE-2019-10596?

CVE-2019-10596 is a vulnerability with a CVSS score of 7.8 (HIGH). u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer I...

How severe is CVE-2019-10596?

CVE-2019-10596 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-10596?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Bitra Firmware, Qualcomm Bitra, Qualcomm Nicobar Firmware, Qualcomm Nicobar, Qualcomm Qcs605 Firmware.