CVE-2018-3588
HIGHQualcomm Snapdragon Automobile/Mobile/Wear - Code Injection via Improper Access Control
Title source: llmDescription
There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins
Scores
CVSS v3
7.8
EPSS
0.0009
EPSS Percentile
26.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (11)
qualcomm/mdm9206_firmware
qualcomm/mdm9607_firmware
qualcomm/mdm9650_firmware
qualcomm/msm8996au_firmware
qualcomm/sd_205_firmware
qualcomm/sd_210_firmware
qualcomm/sd_212_firmware
qualcomm/sd_820_firmware
qualcomm/sd_820a_firmware
qualcomm/sd_835_firmware
... and 1 more
Published
Oct 26, 2018
Tracked Since
Feb 18, 2026