Vulnerabilities in Qualcomm, Inc.

2,934 results
Vexday analysis

With 2,934 catalogued CVEs, Qualcomm has a substantial volume of vulnerabilities, a reflection of the breadth of its chipset and embedded firmware portfolio. The active exploitation rate (12 entries in CISA's KEV catalog, or 0.41% of the total) is in line with the catalog's overall average, indicating that the risk of confirmed exploitation does not deviate from the industry norm, although 94 critical-severity flaws represent a relevant attack surface for security teams that depend on Qualcomm components in mobile, automotive or IoT environments. The most dangerous CVE currently under active exploitation, CVE-2020-11261, has an EPSS of 0.0177, suggesting a relatively low probability of additional exploitation in the short term, but its presence in the KEV demands immediate attention in any inventory of affected assets. The emergence of 49 new CVEs in the last 90 days and the availability of public PoCs for 3 vulnerabilities reinforce the need for continuous firmware update cycles and active monitoring of patches released by the vendor.

CVE-2018-11928: Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon (EPSS 0.2%)
CVE-2020-11221: Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient chec (EPSS 0.2%)
CVE-2019-14104: Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon (EPSS 0.2%)
CVE-2020-11217: A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdrago (EPSS 0.2%)
CVE-2020-11228: Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdrag (EPSS 0.2%)
CVE-2020-3640: Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLO (EPSS 0.2%)
CVE-2018-11976: ECDSA signature code leaks private keys from secure world to non-secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit (EPSS 0.2%)
CVE-2018-11958: Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Cons (EPSS 0.2%)
CVE-2018-12004: Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectiv (EPSS 0.2%)
CVE-2018-13885: Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon (EPSS 0.2%)
CVE-2019-14044: Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consu (EPSS 0.2%)
CVE-2018-11971: Interrupt exit code flow may undermine access control policy set forth by secure world can lead to potential secure asset leakage in Snapdra (EPSS 0.2%)
CVE-2019-10615: Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster (EPSS 0.2%)
CVE-2019-13992: Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top in Snapdragon Auto, Sna (EPSS 0.2%)
CVE-2019-10527: SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range whic (EPSS 0.2%)
CVE-2019-10597: kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdrago (EPSS 0.2%)
CVE-2019-13999: Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage i (EPSS 0.2%)
CVE-2020-11128: Possible out of bound access while copying the mask file content into the buffer without checking the buffer size in Snapdragon Auto, Sna (EPSS 0.2%)
CVE-2019-14009: Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Sna (EPSS 0.2%)
CVE-2019-14105: Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial I (EPSS 0.2%)