Security Flaw in Snapdragon Processors from Qualcomm Affecting Automotive and Mobile Devices
CVE-2017-18131

7.8HIGH

Key Information:

Vendor: Qualcomm Technologies Inc.
Status: Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
Vendor: CVE Published:; 6 May 2019

Summary

A vulnerability exists in the Qualcomm Snapdragon processors, where an incorrect fuse value can be blown. This flaw may lead to potential security risks, notably impacting Snapdragon Automobile, Mobile, and Wear devices. Affected versions include several models spanning from SD 205 to SDM660, posing challenges in maintaining device integrity and operational security. Users and developers should ensure that their devices are updated and patched in order to mitigate potential risks associated with this issue.

Affected Version(s)

Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MDM9206

Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MDM9607

Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MSM8996AU

References

https://www.qualcomm.com/company/product-security/bulletins

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 6, 2019
Vulnerability Reserved
Feb 5, 2018