CVE-2019-10535

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, APQ8098, MDM9640, MSM8996AU, MSM8998, QCA6574AU, QCN7605, QCS405, QCS605, SDA845, SDM845, SDX20
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
qualcommCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
qualcommapq8053_firmware
-
qualcommapq8096au_firmware
-
qualcommapq8098_firmware
-
qualcommmdm9640_firmware
-
qualcommmsm8996au_firmware
-
qualcommmsm8998_firmware
-
qualcommqca6574au_firmware
-
qualcommqcn7605_firmware
-
qualcommqcs405_firmware
-
qualcommqcs605_firmware
-
qualcommsda845_firmware
-
qualcommsdm845_firmware
-
qualcommsdx20_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin