CVE-2019-2267

EUVD-2019-11909
Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
qualcommmdm9205_firmware
-
qualcommqcs404_firmware
-
qualcommqcs605_firmware
-
qualcommsda845_firmware
-
qualcommsdm670_firmware
-
qualcommsdm710_firmware
-
qualcommsdm845_firmware
-
qualcommsdm850_firmware
-
qualcommsm8150_firmware
-
qualcommsxr1130_firmware
-
qualcommsxr2130_firmware
-
𝑥
= Vulnerable software versions
References
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin