CVE-2017-18313

Sažetak

Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in version MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 617.

Reference

https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components
https://www.qualcomm.com/company/product-security/bulletins

CVSS

Base:	5.7
Impact:	6.9
Exploitability:	5.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	NONE

CVSS vektor

AV:A/AC:M/Au:N/C:N/I:C/A:N

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

23-10-2018 - 13:29