CVE-2019-10562

CVE Database · CVE-2019-10562

CVE-2019-10562

· HIGHModified

CVSS v3.1

7.8

EPSS

0.16%

Published

Sep 8, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-287CWE-347

Affected Products (56)

qualcomm · ipq6018_firmwarevulnerable

qualcomm · ipq6018

qualcomm · kamorta_firmwarevulnerable

qualcomm · kamorta

qualcomm · msm8998_firmwarevulnerable

qualcomm · msm8998

qualcomm · nicobar_firmwarevulnerable