CVE-2017-18276

7.8HIGH

Key Information:

Vendor: Qualcomm Technologies, Inc.
Status: Snapdragon Mobile, Snapdragon Wear
Vendor: CVE Published:; 6 May 2019

Summary

Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850

Affected Version(s)

Snapdragon Mobile, Snapdragon Wear MDM9206

Snapdragon Mobile, Snapdragon Wear MDM9607

Snapdragon Mobile, Snapdragon Wear MDM9650

References

https://www.qualcomm.com/company/product-security/bulletins

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 6, 2019
Vulnerability Reserved
May 18, 2018