CVE-2019-2289
EUVD-2019-1193121.11.2019, 15:15
Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qualcomm | apq8009_firmware | - |
| qualcomm | apq8017_firmware | - |
| qualcomm | apq8053_firmware | - |
| qualcomm | apq8096au_firmware | - |
| qualcomm | apq8098_firmware | - |
| qualcomm | mdm915_firmware | - |
| qualcomm | mdm9205_firmware | - |
| qualcomm | mdm9206_firmware | - |
| qualcomm | mdm9607_firmware | - |
| qualcomm | mdm9615_firmware | - |
| qualcomm | mdm9625_firmware | - |
| qualcomm | mdm9635m_firmware | - |
| qualcomm | mdm9640_firmware | - |
| qualcomm | mdm9650_firmware | - |
| qualcomm | mdm9655_firmware | - |
| qualcomm | msm8905_firmware | - |
| qualcomm | msm8909_firmware | - |
| qualcomm | msm8909w_firmware | - |
| qualcomm | msm8917_firmware | - |
| qualcomm | msm8920_firmware | - |
| qualcomm | msm8937_firmware | - |
| qualcomm | msm8940_firmware | - |
| qualcomm | msm8953_firmware | - |
| qualcomm | msm8976_firmware | - |
| qualcomm | msm8996au_firmware | - |
| qualcomm | msm8998_firmware | - |
| qualcomm | qcm2150_firmware | - |
| qualcomm | qcs605_firmware | - |
| qualcomm | qm215_firmware | - |
| qualcomm | sc8180x_firmware | - |
| qualcomm | sda660_firmware | - |
| qualcomm | sda845_firmware | - |
| qualcomm | sdm429_firmware | - |
| qualcomm | sdm439_firmware | - |
| qualcomm | sdm450_firmware | - |
| qualcomm | sdm630_firmware | - |
| qualcomm | sdm632_firmware | - |
| qualcomm | sdm636_firmware | - |
| qualcomm | sdm660_firmware | - |
| qualcomm | sdm670_firmware | - |
| qualcomm | sdm710_firmware | - |
| qualcomm | sdm845_firmware | - |
| qualcomm | sdm850_firmware | - |
| qualcomm | sdx20_firmware | - |
| qualcomm | sdx55_firmware | - |
| qualcomm | sm6150_firmware | - |
| qualcomm | sm7150_firmware | - |
| qualcomm | sm8150_firmware | - |
| qualcomm | sm8250_firmware | - |
| qualcomm | snapdragon_high_med_2016_firmware | - |
| qualcomm | sxr1130_firmware | - |
| qualcomm | sxr2130_firmware | - |
| qualcomm | nicobar_firmware | - |
| qualcomm | msm8939_firmware | - |
| qualcomm | sdx24_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration