CVE-2019-14119

CVE Database · CVE-2019-14119

CVE-2019-14119

· HIGHModified

CVSS v3.1

7.0

EPSS

0.13%

Published

Sep 8, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-367CWE-787

Affected Products (50)

qualcomm · ipq6018_firmwarevulnerable

qualcomm · ipq6018

qualcomm · kamorta_firmwarevulnerable

qualcomm · kamorta

qualcomm · mdm9205_firmwarevulnerable

qualcomm · mdm9205

qualcomm · mdm9607_firmwarevulnerable