Input Validation Flaw in Snapdragon Automotive, Wearable, and Mobile Products
CVE-2017-17773

9.8CRITICAL

Key Information:

Vendor
Qualcomm
Vendor
CVE Published:
15 March 2018

Summary

An input validation issue in the video_fmt_mp4r_process_atom_avc1 function of various Qualcomm Snapdragon products can lead to a potential buffer overflow. This vulnerability affects a wide range of Snapdragon Automotive, Wearable, and Mobile devices. When input is not properly validated, it may allow attackers to exploit this flaw, potentially leading to unauthorized access or control over affected systems. It is crucial for users of the impacted Snapdragon products to ensure that they apply available security patches to mitigate risks associated with this vulnerability.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.