Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.
Vector
LOCAL
Complexity
LOW
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
Qualcomm Mdm9206 firmware - (not an official CPE)
Qualcomm Mdm9607 firmware - (not an official CPE)
Qualcomm Msm8996au firmware - (not an official CPE)
Qualcomm Sd 205 firmware - (not an official CPE)
Qualcomm Sd 210 firmware - (not an official CPE)
Qualcomm Sd 212 firmware - (not an official CPE)
Qualcomm Sd 410 firmware - (not an official CPE)
Qualcomm Sd 412 firmware - (not an official CPE)
Qualcomm Sd 415 firmware - (not an official CPE)
Qualcomm Sd 425 firmware - (not an official CPE)
Qualcomm Sd 427 firmware - (not an official CPE)
Qualcomm Sd 429 firmware - (not an official CPE)
Qualcomm Sd 430 firmware - (not an official CPE)
Qualcomm Sd 435 firmware - (not an official CPE)
Qualcomm Sd 439 firmware - (not an official CPE)
Qualcomm Sd 450 firmware - (not an official CPE)
Qualcomm Sd 615 firmware - (not an official CPE)
Qualcomm Sd 616 firmware - (not an official CPE)
Qualcomm Sd 625 firmware - (not an official CPE)
Qualcomm Sd 632 firmware - (not an official CPE)
Qualcomm Sd 636 firmware - (not an official CPE)
Qualcomm Sd 650 firmware - (not an official CPE)
Qualcomm Sd 652 firmware - (not an official CPE)
Qualcomm Sd 810 firmware - (not an official CPE)
Qualcomm Sd 820 firmware - (not an official CPE)
Qualcomm Sd 820a firmware - (not an official CPE)
Qualcomm Sd 835 firmware - (not an official CPE)
Qualcomm Sda660 firmware - (not an official CPE)
Qualcomm Sdm439 firmware - (not an official CPE)
Qualcomm Sdm630 firmware - (not an official CPE)
Qualcomm Sdm660 firmware - (not an official CPE)
Qualcomm Sdx24 firmware - (not an official CPE)
Qualcomm Snapdragon high med 2016 firmware - (not an official CPE)
Qualcomm - Mdm9206 firmware
Qualcomm - Mdm9607 firmware
Qualcomm - Msm8996au firmware
Qualcomm - Sd 205 firmware
Qualcomm - Sd 210 firmware
Qualcomm - Sd 212 firmware
Qualcomm - Sd 410 firmware
Qualcomm - Sd 412 firmware
Qualcomm - Sd 415 firmware
Qualcomm - Sd 425 firmware
Qualcomm - Sd 427 firmware
Qualcomm - Sd 429 firmware
Qualcomm - Sd 430 firmware
Qualcomm - Sd 435 firmware
Qualcomm - Sd 439 firmware
Qualcomm - Sd 450 firmware
Qualcomm - Sd 615 firmware
Qualcomm - Sd 616 firmware
Qualcomm - Sd 625 firmware
Qualcomm - Sd 632 firmware
Qualcomm - Sd 636 firmware
Qualcomm - Sd 650 firmware
Qualcomm - Sd 652 firmware
Qualcomm - Sd 810 firmware
Qualcomm - Sd 820 firmware
Qualcomm - Sd 820a firmware
Qualcomm - Sd 835 firmware
Qualcomm - Sda660 firmware
Qualcomm - Sdm439 firmware
Qualcomm - Sdm630 firmware
Qualcomm - Sdm660 firmware
Qualcomm - Sdx24 firmware
Qualcomm - Snapdragon high med 2016 firmware
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| 106128 | |||
| https://www.qualcomm.com/company/product-security/bullet... |
Improper Authorization (ID 285)
Related CAPEC 13
Accessing Functionality Not Properly Constrained by ACLs (CAPEC-ID 1)
Cross Zone Scripting (CAPEC-ID 104)
Directory Indexing (CAPEC-ID 127)
Subverting Environment Variable Values (CAPEC-ID 13)
Accessing, Modifying or Executing Executable Files (CAPEC-ID 17)
Manipulating Opaque Client-based Data Tokens (CAPEC-ID 39)
Buffer Overflow via Symbolic Links (CAPEC-ID 45)
Poison Web Service Registry (CAPEC-ID 51)
Session Credential Falsification through Prediction (CAPEC-ID 59)
Reusing Session IDs (aka Session Replay) (CAPEC-ID 60)
Manipulating Input to File System Calls (CAPEC-ID 76)
Manipulating User-Controlled Variables (CAPEC-ID 77)
Forceful Browsing (CAPEC-ID 87)