CVE-2019-14066

HIGH

Snapdragon Auto et al - Buffer Overflow

Title source: llm
STIX 2.1

Description

Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0003
EPSS Percentile 10.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-190
Status published
Products (14)
qualcomm/kamorta_firmware
qualcomm/mdm9205_firmware
qualcomm/mdm9607_firmware
qualcomm/nicobar_firmware
qualcomm/qcs404_firmware
qualcomm/qcs405_firmware
qualcomm/rennell_firmware
qualcomm/sa6155p_firmware
qualcomm/sc7180_firmware
qualcomm/sc8180x_firmware
... and 4 more
Published Jun 02, 2020
Tracked Since Feb 18, 2026