CVE-2019-14030

CVE Database · CVE-2019-14030

CVE-2019-14030

· HIGHModified

CVSS v3.1

7.8

EPSS

0.20%

Published

Mar 5, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, Rennell, SC8180X, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120

Affected Products (24)

qualcomm · mdm9205_firmwarevulnerable

qualcomm · mdm9205

qualcomm · qcs404_firmwarevulnerable

qualcomm · qcs404

qualcomm · rennell_firmwarevulnerable

qualcomm · rennell

qualcomm · sc8180x_firmwarevulnerable

qualcomm · sc8180x

qualcomm · sdm845_firmwarevulnerable

qualcomm · sdm845

qualcomm · sdm850_firmwarevulnerable

· sdm850

References (2)

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs