Vulnerability Details CVE-2017-18282
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
- https://www.qualcomm.com/company/product-security/bulletins
- http://www.securitytracker.com/id/1041432
- https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components
- https://www.qualcomm.com/company/product-security/bulletins
Products affected by CVE-2017-18282
-
cpe:2.3:h:qualcomm:mdm9206:-
-
cpe:2.3:h:qualcomm:mdm9607:-
-
cpe:2.3:h:qualcomm:mdm9650:-
-
cpe:2.3:h:qualcomm:sd205:-
-
cpe:2.3:h:qualcomm:sd210:-
-
cpe:2.3:h:qualcomm:sd212:-
-
cpe:2.3:h:qualcomm:sd425:-
-
cpe:2.3:h:qualcomm:sd430:-
-
cpe:2.3:h:qualcomm:sd450:-
-
cpe:2.3:h:qualcomm:sd625:-
-
cpe:2.3:h:qualcomm:sd650:-
-
cpe:2.3:h:qualcomm:sd652:-
-
cpe:2.3:h:qualcomm:sd835:-
-
cpe:2.3:h:qualcomm:sda660:-
-
cpe:2.3:o:qualcomm:mdm9206_firmware:-
-
cpe:2.3:o:qualcomm:mdm9607_firmware:-
-
cpe:2.3:o:qualcomm:mdm9650_firmware:-
-
cpe:2.3:o:qualcomm:sd205_firmware:-
-
cpe:2.3:o:qualcomm:sd210_firmware:-
-
cpe:2.3:o:qualcomm:sd212_firmware:-
-
cpe:2.3:o:qualcomm:sd425_firmware:-
-
cpe:2.3:o:qualcomm:sd430_firmware:-
-
cpe:2.3:o:qualcomm:sd450_firmware:-
-
cpe:2.3:o:qualcomm:sd625_firmware:-
-
cpe:2.3:o:qualcomm:sd650_firmware:-
-
cpe:2.3:o:qualcomm:sd652_firmware:-
-
cpe:2.3:o:qualcomm:sd835_firmware:-
-
cpe:2.3:o:qualcomm:sda660_firmware:-