RAM Dump and Firmware Reset Vulnerability in Snapdragon Mobile by Qualcomm
CVE-2017-15841

5.5MEDIUM

Key Information:

Vendor: Qualcomm Technologies, Inc.
Status: Snapdragon Mobile
Vendor: CVE Published:; 6 May 2019

🔔 Create Qualcomm Technologies, Inc. Vulnerability Alert

What is CVE-2017-15841?

This vulnerability occurs when a specially crafted command ID packet is sent by the HOST to the Snapdragon Mobile Controller, leading to an unintended RAM dump and firmware reset. This affects multiple versions of Snapdragon products, potentially compromising the integrity of the device and allowing for unauthorized access to sensitive information.

Affected Version(s)

Snapdragon Mobile SD 410/12

Snapdragon Mobile SD 425

Snapdragon Mobile SD 427

References

https://www.qualcomm.com/company/product-security/bulletins

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2019
Vulnerability Reserved
Oct 24, 2017