CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-10043

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2014-10043

Qualcomm » Msm8909w » Version: N/A

cpe:2.3:h:qualcomm:msm8909w:-
Qualcomm » Sd 205 » Version: N/A

cpe:2.3:h:qualcomm:sd_205:-
Qualcomm » Sd 210 » Version: N/A

cpe:2.3:h:qualcomm:sd_210:-
Qualcomm » Sd 212 » Version: N/A

cpe:2.3:h:qualcomm:sd_212:-
Qualcomm » Sd 400 » Version: N/A

cpe:2.3:h:qualcomm:sd_400:-
Qualcomm » Sd 410 » Version: N/A

cpe:2.3:h:qualcomm:sd_410:-
Qualcomm » Sd 412 » Version: N/A

cpe:2.3:h:qualcomm:sd_412:-
Qualcomm » Sd 800 » Version: N/A

cpe:2.3:h:qualcomm:sd_800:-
Qualcomm » Msm8909w Firmware » Version: N/A

cpe:2.3:o:qualcomm:msm8909w_firmware:-
Qualcomm » Sd 205 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_205_firmware:-
Qualcomm » Sd 210 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_210_firmware:-
Qualcomm » Sd 212 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_212_firmware:-
Qualcomm » Sd 400 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_400_firmware:-
Qualcomm » Sd 410 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_410_firmware:-
Qualcomm » Sd 412 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_412_firmware:-
Qualcomm » Sd 800 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_800_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-10043

Products

Pricing

Contact Us