CVE-2014-10050

CRITICAL

Qualcomm MSM8996/MSM8939/MSM8976/MSM8917/SDM845/SDM660 Firmware - Improper Access Control in RPMB

Title source: llm
STIX 2.1

Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2018-04-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/103671

Scores

CVSS v3 9.8
EPSS 0.0119
EPSS Percentile 64.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-284
Status published
Products (6)
qualcomm/msm8917_firmware
qualcomm/msm8939_firmware
qualcomm/msm8976_firmware
qualcomm/msm8996_firmware
qualcomm/sdm660_firmware
qualcomm/sdm845_firmware
Published Apr 18, 2018
Tracked Since Feb 18, 2026