CVE-2019-14131

CRITICAL

Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapd...

Title source: llm

Description

Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8998, Nicobar, QCA6574AU, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDM660, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin

Scores

CVSS v3 9.8

EPSS 0.0033

EPSS Percentile 56.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (21)

qualcomm/apq8053_firmware

qualcomm/apq8096au_firmware

qualcomm/msm8998_firmware

qualcomm/nicobar_firmware

qualcomm/qca6574au_firmware

qualcomm/qcs605_firmware

qualcomm/rennell_firmware

qualcomm/sa6155p_firmware

qualcomm/saipan_firmware

qualcomm/sc8180x_firmware

... and 11 more

Published Apr 16, 2020

Tracked Since Feb 18, 2026