CVE-2018-11921

HIGH

Snapdragon Automobile/Wear/Mobile <various - Info Disclosure

Title source: llm

Description

Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

References (2)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/106845

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 11.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-755

Status published

Affected Products (29)

qualcomm/mdm9206_firmware

qualcomm/mdm9607_firmware

qualcomm/mdm9650_firmware

qualcomm/msm8996au_firmware

qualcomm/sd_210_firmware

qualcomm/sd_212_firmware

qualcomm/sd_205_firmware

qualcomm/sd_410_firmware

qualcomm/sd_412_firmware

qualcomm/sd_425_firmware

qualcomm/sd_430_firmware

qualcomm/sd_450_firmware

qualcomm/sd_615_firmware

qualcomm/sd_616_firmware

qualcomm/sd_415_firmware

... and 14 more

Timeline

Published Nov 28, 2018

Tracked Since Feb 18, 2026