Vulnerability Description
An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX24, SXR1130
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Qcs405 Firmware | - |
| Qualcomm | Qcs405 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Sd 636 Firmware | - |
| Qualcomm | Sd 636 | - |
| Qualcomm | Sd 665 Firmware | - |
| Qualcomm | Sd 665 | - |
| Qualcomm | Sd 675 Firmware | - |
| Qualcomm | Sd 675 | - |
| Qualcomm | Sd 712 Firmware | - |
| Qualcomm | Sd 712 | - |
| Qualcomm | Sd 710 Firmware | - |
| Qualcomm | Sd 710 | - |
| Qualcomm | Sd 670 Firmware | - |
| Qualcomm | Sd 670 | - |
| Qualcomm | Sd 730 Firmware | - |
| Qualcomm | Sd 730 | - |
| Qualcomm | Sd 820 Firmware | - |
| Qualcomm | Sd 820 | - |
References
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
FAQ
What is CVE-2019-2281?
CVE-2019-2281 is a vulnerability with a CVSS score of 7.8 (HIGH). An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu...
How severe is CVE-2019-2281?
CVE-2019-2281 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-2281?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qcs405 Firmware, Qualcomm Qcs405, Qualcomm Qcs605 Firmware, Qualcomm Qcs605, Qualcomm Sd 636 Firmware.