CVE-2017-18314 : In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M,

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ.

Published 2018-09-20 13:29:01

Updated 2019-10-03 00:03:26

Source Qualcomm, Inc.

View at NVD, CVE.org

Products affected by CVE-2017-18314

Qualcomm » Mdm9206 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9206 » Version: N/A
Qualcomm » Mdm9607 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9607 » Version: N/A
Qualcomm » Mdm9650 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9650 » Version: N/A
Qualcomm » Msm8909w Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8909w » Version: N/A
Qualcomm » Mdm9635m Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9635m » Version: N/A
Qualcomm » Mdm9640 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9640 » Version: N/A
Qualcomm » Mdm9645 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9645 » Version: N/A
Qualcomm » Mdm9655 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9655 » Version: N/A
Qualcomm » Sdm630 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm630 » Version: N/A
Qualcomm » Sdm636 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm636 » Version: N/A
Qualcomm » Sdm660 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm660 » Version: N/A
Qualcomm » Msm8996au Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8996au » Version: N/A
Qualcomm » Sdm632 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm632 » Version: N/A
Qualcomm » Sd210 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd210 » Version: N/A
Qualcomm » Sd212 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd212 » Version: N/A
Qualcomm » Sd205 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd205 » Version: N/A
Qualcomm » Sd425 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd425 » Version: N/A
Qualcomm » Sd427 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd427 » Version: N/A
Qualcomm » Sd430 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd430 » Version: N/A
Qualcomm » Sd435 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd435 » Version: N/A
Qualcomm » Sd450 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd450 » Version: N/A
Qualcomm » Sd617 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd617 » Version: N/A
Qualcomm » Sd625 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd625 » Version: N/A
Qualcomm » Sd650 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd650 » Version: N/A
Qualcomm » Sd652 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd652 » Version: N/A
Qualcomm » Sd820 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd820 » Version: N/A
Qualcomm » Sd820a Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd820a » Version: N/A
Qualcomm » Sd835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd835 » Version: N/A
Qualcomm » Sdm429 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm429 » Version: N/A
Qualcomm » Sdm439 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm439 » Version: N/A
Qualcomm » Sda660 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sda660 » Version: N/A
Qualcomm » Sd410 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd410_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd410 » Version: N/A
Qualcomm » Sd412 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd412_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd412 » Version: N/A
Qualcomm » Sd615 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd615 » Version: N/A
Qualcomm » Sd616 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd616 » Version: N/A
Qualcomm » Sd415 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd415 » Version: N/A
Qualcomm » Sd810 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd810 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2017-18314

EPSS FAQ

0.29%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 49 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-18314

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2017-18314

https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components

Android Security Bulletin—September 2018 | Android Open Source Project
Vendor Advisory

CVEs referencing this url
https://www.qualcomm.com/company/product-security/bulletins

Security Advisories | Product Security | Qualcomm
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-18314

Products affected by CVE-2017-18314

Exploit prediction scoring system (EPSS) score for CVE-2017-18314

CVSS scores for CVE-2017-18314

References for CVE-2017-18314