CVE-2018-11866

CVE Database · CVE-2018-11866

CVE-2018-11866

· N/AModified

CVSS v3.1

N/A

EPSS

0.23%

Published

Oct 29, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.

Weaknesses (CWE)

CWE-190

Affected Products (50)

qualcomm · ipq8074_firmwarevulnerable

qualcomm · ipq8074

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · sd_210_firmwarevulnerable

qualcomm · sd_210

qualcomm · sd_212_firmwarevulnerable

· sd_212

References (2)

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs