Vulnerability Details CVE-2017-18280
In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
- https://www.qualcomm.com/company/product-security/bulletins
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
- https://www.qualcomm.com/company/product-security/bulletins
Products affected by CVE-2017-18280
-
cpe:2.3:h:qualcomm:mdm9607:-
-
cpe:2.3:h:qualcomm:msm8909w:-
-
cpe:2.3:h:qualcomm:msm8996au:-
-
cpe:2.3:h:qualcomm:sd205:-
-
cpe:2.3:h:qualcomm:sd210:-
-
cpe:2.3:h:qualcomm:sd212:-
-
cpe:2.3:h:qualcomm:sd425:-
-
cpe:2.3:h:qualcomm:sd427:-
-
cpe:2.3:h:qualcomm:sd430:-
-
cpe:2.3:h:qualcomm:sd435:-
-
cpe:2.3:h:qualcomm:sd450:-
-
cpe:2.3:h:qualcomm:sd617:-
-
cpe:2.3:h:qualcomm:sd625:-
-
cpe:2.3:h:qualcomm:sd650:-
-
cpe:2.3:h:qualcomm:sd652:-
-
cpe:2.3:h:qualcomm:sd820:-
-
cpe:2.3:h:qualcomm:sd820a:-
-
cpe:2.3:h:qualcomm:sd835:-
-
cpe:2.3:h:qualcomm:sdm429:-
-
cpe:2.3:h:qualcomm:sdm439:-
-
cpe:2.3:h:qualcomm:sdm632:-
-
cpe:2.3:o:qualcomm:mdm9607_firmware:-
-
cpe:2.3:o:qualcomm:msm8909w_firmware:-
-
cpe:2.3:o:qualcomm:msm8996au_firmware:-
-
cpe:2.3:o:qualcomm:sd205_firmware:-
-
cpe:2.3:o:qualcomm:sd210_firmware:-
-
cpe:2.3:o:qualcomm:sd212_firmware:-
-
cpe:2.3:o:qualcomm:sd425_firmware:-
-
cpe:2.3:o:qualcomm:sd427_firmware:-
-
cpe:2.3:o:qualcomm:sd430_firmware:-
-
cpe:2.3:o:qualcomm:sd435_firmware:-
-
cpe:2.3:o:qualcomm:sd450_firmware:-
-
cpe:2.3:o:qualcomm:sd617_firmware:-
-
cpe:2.3:o:qualcomm:sd625_firmware:-
-
cpe:2.3:o:qualcomm:sd650_firmware:-
-
cpe:2.3:o:qualcomm:sd652_firmware:-
-
cpe:2.3:o:qualcomm:sd820_firmware:-
-
cpe:2.3:o:qualcomm:sd820a_firmware:-
-
cpe:2.3:o:qualcomm:sd835_firmware:-
-
cpe:2.3:o:qualcomm:sdm429_firmware:-
-
cpe:2.3:o:qualcomm:sdm439_firmware:-
-
cpe:2.3:o:qualcomm:sdm632_firmware:-