1. CVE-Search
  2. CVE-2017-18073
ID CVE-2017-18073
Summary In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, the HLOS can gain access to unauthorized memory.
References
Vulnerable Configurations
  • cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-668
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 103671
confirm https://source.android.com/security/bulletin/2018-04-01
Last major update 03-10-2019 - 00:03
Published 11-04-2018 - 15:29
Last modified 03-10-2019 - 00:03
Back to Top