複数の Snapdragon 製品におけるアクセス制御に関する脆弱性
| Title |
複数の Snapdragon 製品におけるアクセス制御に関する脆弱性
|
| Summary |
Snapdragon Automobile、Snapdragon Mobile、および Snapdragon Wear には、アクセス制御に関する脆弱性が存在します。
|
| Possible impacts |
情報を取得される、および情報を改ざんされる可能性があります。 |
| Solution |
ベンダ情報および参考情報を参照して適切な対策を実施してください。 |
| Publication Date |
Feb. 5, 2018, midnight |
| Registration Date |
Oct. 5, 2018, 2:34 p.m. |
| Last Update |
Oct. 5, 2018, 2:34 p.m. |
|
CVSS3.0 : 重要
|
| Score |
7.7
|
| Vector |
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
CVSS2.0 : 注意
|
| Score |
3.6
|
| Vector |
AV:L/AC:L/Au:N/C:P/I:P/A:N |
Affected System
| クアルコム |
|
MDM9206 ファームウェア
|
|
MDM9607 ファームウェア
|
|
MDM9635M ファームウェア
|
|
MDM9640 ファームウェア
|
|
MDM9650 ファームウェア
|
|
MDM9655 ファームウェア
|
|
MSM8909W ファームウェア
|
|
MSM8996AU ファームウェア
|
|
SD 205 ファームウェア
|
|
SD 210 ファームウェア
|
|
SD 212 ファームウェア
|
|
SD 410 ファームウェア
|
|
SD 412 ファームウェア
|
|
SD 415 ファームウェア
|
|
SD 425 ファームウェア
|
|
SD 427 ファームウェア
|
|
SD 430 ファームウェア
|
|
SD 435 ファームウェア
|
|
SD 450 ファームウェア
|
|
SD 615 ファームウェア
|
|
SD 616 ファームウェア
|
|
SD 617 ファームウェア
|
|
SD 625 ファームウェア
|
|
SD 650 ファームウェア
|
|
SD 652 ファームウェア
|
|
SD 800 ファームウェア
|
|
SD 810 ファームウェア
|
|
SD 820 ファームウェア
|
|
SD 820A ファームウェア
|
|
SD 835 ファームウェア
|
|
SD 845 ファームウェア
|
|
SD 850 ファームウェア
|
|
SDM 632 ファームウェア
|
|
SDM630 ファームウェア
|
|
SDM636 ファームウェア
|
|
SDM660 ファームウェア
|
|
SDX20 ファームウェア
|
|
Snapdragon_High_Med_2016 ファームウェア
|
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[2018年10月05日]
掲載 |
Oct. 5, 2018, 2:34 p.m. |
NVD Vulnerability Information
CVE-2018-11259
| Summary |
Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition.
|
| Publication Date |
July 7, 2018, 2:29 a.m. |
| Registration Date |
March 1, 2021, 6:45 p.m. |
| Last Update |
Nov. 21, 2024, 12:43 p.m. |
Affected software configurations
| Configuration1 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* |
| Configuration2 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:* |
| Configuration3 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:* |
| Configuration4 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:* |
| Configuration5 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* |
| Configuration6 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:* |
| Configuration7 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:* |
| Configuration8 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* |
| Configuration9 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:* |
| Configuration10 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:* |
| Configuration11 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:* |
| Configuration12 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:* |
| Configuration13 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:* |
| Configuration14 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:* |
| Configuration15 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:* |
| Configuration16 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:* |
| Configuration17 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:* |
| Configuration18 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:* |
| Configuration19 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:* |
| Configuration20 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:* |
| Configuration21 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:* |
| Configuration22 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:* |
| Configuration23 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:* |
| Configuration24 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:* |
| Configuration25 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:* |
| Configuration26 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:* |
| Configuration27 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:* |
| Configuration28 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:* |
| Configuration29 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:* |
| Configuration30 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:* |
| Configuration31 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:* |
| Configuration32 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:* |
| Configuration33 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* |
| Configuration34 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:* |
| Configuration35 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:* |
| Configuration36 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:* |
| Configuration37 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:* |
| Configuration38 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:* |
Related information, measures and tools
Common Vulnerabilities List