CVE-2019-2289
21.11.2019, 15:15
Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | apq8009_firmware | - |
| qualcomm | apq8017_firmware | - |
| qualcomm | apq8053_firmware | - |
| qualcomm | apq8096au_firmware | - |
| qualcomm | apq8098_firmware | - |
| qualcomm | mdm915_firmware | - |
| qualcomm | mdm9205_firmware | - |
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9615_firmware | - |
| qualcomm | mdm9625_firmware | - |
| qualcomm | mdm9635m_firmware | - |
| qualcomm | mdm9640_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | mdm9655_firmware | - |
| qualcomm | msm8905_firmware | - |
| qualcomm | msm8909_firmware | - |
| qualcomm | msm8909w_firmware | - |
| qualcomm | msm8917_firmware | - |
| qualcomm | msm8920_firmware | - |
| qualcomm | msm8937_firmware | - |
| qualcomm | msm8940_firmware | - |
| qualcomm | msm8953_firmware | - |
| qualcomm | msm8976_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | msm8998_firmware | - |
| qualcomm | qcm2150_firmware | - |
| qualcomm | qcs605_firmware | - |
| qualcomm | qm215_firmware | - |
| qualcomm | sc8180x_firmware | - |
| qualcomm | sda660_firmware | - |
| qualcomm | sda845_firmware | - |
| qualcomm | sdm429_firmware | - |
| qualcomm | sdm439_firmware | - |
| qualcomm | sdm450_firmware | - |
| qualcomm | sdm630_firmware | - |
| qualcomm | sdm632_firmware | - |
| qualcomm | sdm636_firmware | - |
| qualcomm | sdm660_firmware | - |
| qualcomm | sdm670_firmware | - |
| qualcomm | sdm710_firmware | - |
| qualcomm | sdm845_firmware | - |
| qualcomm | sdm850_firmware | - |
| qualcomm | sdx20_firmware | - |
| qualcomm | sdx55_firmware | - |
| qualcomm | sm6150_firmware | - |
| qualcomm | sm7150_firmware | - |
| qualcomm | sm8150_firmware | - |
| qualcomm | sm8250_firmware | - |
| qualcomm | snapdragon_high_med_2016_firmware | - |
| qualcomm | sxr1130_firmware | - |
| qualcomm | sxr2130_firmware | - |
| qualcomm | nicobar_firmware | - |
| qualcomm | msm8939_firmware | - |
| qualcomm | sdx24_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration