CVE-2019-2267

CVE Database · CVE-2019-2267

CVE-2019-2267

· HIGHModified

CVSS v3.1

7.8

EPSS

0.22%

Published

Jan 21, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products (22)

qualcomm · mdm9205_firmwarevulnerable

qualcomm · mdm9205

qualcomm · qcs404_firmwarevulnerable

qualcomm · qcs404

qualcomm · qcs605_firmwarevulnerable

qualcomm · qcs605

qualcomm · sda845_firmwarevulnerable

qualcomm · sda845

qualcomm · sdm670_firmwarevulnerable

qualcomm · sdm670

qualcomm · sdm710_firmwarevulnerable

· sdm710

References (2)

https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs