CVE-2019-2235

CVE Database · CVE-2019-2235

CVE-2019-2235

· N/AModified

CVSS v3.1

N/A

EPSS

0.21%

Published

Jul 25, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow occurs when emulated RPMB is used due to sector size assumptions in the TA rollback protection logic. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Weaknesses (CWE)

CWE-119

Affected Products (70)

qualcomm · mdm9206_firmwarevulnerable

qualcomm · mdm9206

qualcomm · mdm9607_firmwarevulnerable

qualcomm · mdm9607

qualcomm · mdm9650_firmwarevulnerable

qualcomm · mdm9650

qualcomm · mdm9655_firmwarevulnerable

qualcomm · mdm9655

qualcomm · msm8996au_firmwarevulnerable

qualcomm · msm8996au

qualcomm · qcs404_firmwarevulnerable

· qcs404

References (2)

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs