{"id": "CVE-2018-11828", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-10-26T13:29:01.107", "references": [{"url": "http://www.securityfocus.com/bid/107681", "tags": ["Third Party Advisory", "VDB Entry"], "source": "
[email protected]"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins", "tags": ["Vendor Advisory"], "source": "
[email protected]"}, {"url": "http://www.securityfocus.com/bid/107681", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52"}, {"lang": "es", "value": "Cuando el firmware intenta obtener direcciones mac aleatorias generadas desde nuevo software, las lecturas de valores RNG y ADC son constantes, pero DUT se queda atrapado en un bucle al intentar obtener muestras ADC aleatorias en Snapdragon Mobile en versiones SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625 y SD 650/52."}], "lastModified": "2024-11-21T03:44:06.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FA80D57-3191-47CF-AD3F-9F2D64E443FE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0986EF1-0974-488E-84C4-6880F876CE55"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C08BA58-2EBC-4A22-85A4-2ECD54693B9B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27110478-4C08-49E6-BD53-8BAAD9D5BD65"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3664D302-D22A-4B25-B534-3097AE2F8573"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C56BC939-2FE8-4AB4-B638-35C83B224005"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E36C12E2-7064-41E6-B357-3F0E6E6D0A0F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE5C66CC-B00C-4581-B8FB-0632232E480D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87F57247-08CD-473E-A517-F9E85BFC7BEA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07C621F-0BC0-40C1-9678-1AF6498AC487"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C621A62-E346-406B-9D20-8FF6C2B0851F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06E0CC35-AC20-42D7-8FEA-CA4685E33E72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A2C4DED-2367-4736-A0AF-C8356F1271AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC1650DB-FDF8-4BE5-9437-8ADA11A07116"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B51DD51F-4BDE-497B-89E5-551D10CF3442"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0752054B-2C29-4490-ADC8-29F82BAA17E6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "005038B5-BCB7-4A23-8562-ACEF6E156C1F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "
[email protected]"}
