CVE-2019-10564

HIGH

Qualcomm Snapdragon Firmware - Out-of-bounds Read in EEPROM Memory Map Access

Title source: llm
STIX 2.1

Description

Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (1)

Core 1

Scores

CVSS v3 7.8
EPSS 0.0019
EPSS Percentile 8.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-125
Status published
Products (26)
qualcomm/apq8009_firmware
qualcomm/apq8053_firmware
qualcomm/msm8909w_firmware
qualcomm/msm8917_firmware
qualcomm/msm8953_firmware
qualcomm/nicobar_firmware
qualcomm/qcs405_firmware
qualcomm/qcs605_firmware
qualcomm/qm215_firmware
qualcomm/sa6155p_firmware
... and 16 more
Published Dec 18, 2019
Tracked Since Feb 18, 2026