CVE-2017-13218
CVE-2017-13218
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 ene 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845.
Productos afectados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://source.android.com/security/bulletin/2018-01-01https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletinhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/102390http://www.securitytracker.com/id/1040106