Image Loading Vulnerability in Qualcomm Snapdragon Products
CVE-2016-10429

7.5HIGH

Key Information:

Summary

An image loading vulnerability exists in multiple Qualcomm Snapdragon products, where three distinct image types can be loaded without adequate separation. This oversight may expose devices to potential risks, enabling unauthorized access or manipulation. The issue affects a wide range of Snapdragon platforms prior to the April 2018 security patch, necessitating prompt updates to mitigate any security threats.

Affected Version(s)

Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.