CVE-2019-10606

HIGH

Qualcomm Mdm9607 Firmware - Buffer Overflow

Title source: rule
STIX 2.1

Description

Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0003
EPSS Percentile 9.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (8)
qualcomm/mdm9607_firmware
qualcomm/msm8909w_firmware
qualcomm/msm8917_firmware
qualcomm/msm8920_firmware
qualcomm/msm8937_firmware
qualcomm/msm8940_firmware
qualcomm/qcs605_firmware
qualcomm/sdx24_firmware
Published Jan 21, 2020
Tracked Since Feb 18, 2026