Vulnerability Details CVE-2019-2338
Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.6%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 3.6
References
Products affected by CVE-2019-2338
-
cpe:2.3:h:qualcomm:mdm9205:-
-
cpe:2.3:h:qualcomm:msm8998:-
-
cpe:2.3:h:qualcomm:qcs404:-
-
cpe:2.3:h:qualcomm:qcs605:-
-
cpe:2.3:h:qualcomm:sda660:-
-
cpe:2.3:h:qualcomm:sda845:-
-
cpe:2.3:h:qualcomm:sdm630:-
-
cpe:2.3:h:qualcomm:sdm636:-
-
cpe:2.3:h:qualcomm:sdm660:-
-
cpe:2.3:h:qualcomm:sdm670:-
-
cpe:2.3:h:qualcomm:sdm710:-
-
cpe:2.3:h:qualcomm:sdm845:-
-
cpe:2.3:h:qualcomm:sdm850:-
-
cpe:2.3:h:qualcomm:sdx24:-
-
cpe:2.3:h:qualcomm:sm6150:-
-
cpe:2.3:h:qualcomm:sm7150:-
-
cpe:2.3:h:qualcomm:sm8150:-
-
cpe:2.3:h:qualcomm:sxr1130:-
-
cpe:2.3:h:qualcomm:sxr2130:-
-
cpe:2.3:o:qualcomm:mdm9205_firmware:-
-
cpe:2.3:o:qualcomm:msm8998_firmware:-
-
cpe:2.3:o:qualcomm:qcs404_firmware:-
-
cpe:2.3:o:qualcomm:qcs605_firmware:-
-
cpe:2.3:o:qualcomm:sda660_firmware:-
-
cpe:2.3:o:qualcomm:sda845_firmware:-
-
cpe:2.3:o:qualcomm:sdm630_firmware:-
-
cpe:2.3:o:qualcomm:sdm636_firmware:-
-
cpe:2.3:o:qualcomm:sdm660_firmware:-
-
cpe:2.3:o:qualcomm:sdm670_firmware:-
-
cpe:2.3:o:qualcomm:sdm710_firmware:-
-
cpe:2.3:o:qualcomm:sdm845_firmware:-
-
cpe:2.3:o:qualcomm:sdm850_firmware:-
-
cpe:2.3:o:qualcomm:sdx24_firmware:-
-
cpe:2.3:o:qualcomm:sm6150_firmware:-
-
cpe:2.3:o:qualcomm:sm7150_firmware:-
-
cpe:2.3:o:qualcomm:sm8150_firmware:-
-
cpe:2.3:o:qualcomm:sxr1130_firmware:-
-
cpe:2.3:o:qualcomm:sxr2130_firmware:-