CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-18125

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers. The TEE application which uses secure camera expects those buffers to contain data captured during the current camera session. It is possible though for HLOS to put aside and reuse one or more of the protected buffers with previously captured data during next camera session. Such data reuse must be prevented as the TEE applications expects to receive valid data captured during the current session only.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2017-18125

Qualcomm » Mdm9206 » Version: N/A

cpe:2.3:h:qualcomm:mdm9206:-
Qualcomm » Mdm9607 » Version: N/A

cpe:2.3:h:qualcomm:mdm9607:-
Qualcomm » Mdm9650 » Version: N/A

cpe:2.3:h:qualcomm:mdm9650:-
Qualcomm » Sd 205 » Version: N/A

cpe:2.3:h:qualcomm:sd_205:-
Qualcomm » Sd 210 » Version: N/A

cpe:2.3:h:qualcomm:sd_210:-
Qualcomm » Sd 212 » Version: N/A

cpe:2.3:h:qualcomm:sd_212:-
Qualcomm » Sd 835 » Version: N/A

cpe:2.3:h:qualcomm:sd_835:-
Qualcomm » Sd 845 » Version: N/A

cpe:2.3:h:qualcomm:sd_845:-
Qualcomm » Sd 850 » Version: N/A

cpe:2.3:h:qualcomm:sd_850:-
Qualcomm » Mdm9206 Firmware » Version: N/A

cpe:2.3:o:qualcomm:mdm9206_firmware:-
Qualcomm » Mdm9607 Firmware » Version: N/A

cpe:2.3:o:qualcomm:mdm9607_firmware:-
Qualcomm » Mdm9650 Firmware » Version: N/A

cpe:2.3:o:qualcomm:mdm9650_firmware:-
Qualcomm » Sd 205 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_205_firmware:-
Qualcomm » Sd 210 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_210_firmware:-
Qualcomm » Sd 212 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_212_firmware:-
Qualcomm » Sd 835 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_835_firmware:-
Qualcomm » Sd 845 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_845_firmware:-
Qualcomm » Sd 850 Firmware » Version: N/A

cpe:2.3:o:qualcomm:sd_850_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-18125

Products

Pricing

Contact Us