CVE-2019-14081

Published Mar 5, 2020

Last updated 5 years ago

Overview

Description
Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ8074, MSM8998, QCA8081, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130
Source
product-security@qualcomm.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.1
Impact score
5.2
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
6.6
Impact score
9.2
Exploitability score
3.9
Vector string
AV:L/AC:L/Au:N/C:C/I:N/A:C

Weaknesses

nvd@nist.gov
CWE-125

Social media

Hype score
Not currently trending

Configurations