CVE-2019-14132 — CRITICAL (9.8)

Vulnerability Description

Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	Qcs605 Firmware	-
Qualcomm	Qcs605	-
Qualcomm	Sa6155P Firmware	-
Qualcomm	Sa6155P	-
Qualcomm	Sm8150 Firmware	-
Qualcomm	Sm8150	-

Related Weaknesses (CWE)

CWE-787

References

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinPatchVendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinPatchVendor Advisory

FAQ

What is CVE-2019-14132?

CVE-2019-14132 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150

How severe is CVE-2019-14132?

CVE-2019-14132 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-14132?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qcs605 Firmware, Qualcomm Qcs605, Qualcomm Sa6155P Firmware, Qualcomm Sa6155P, Qualcomm Sm8150 Firmware.