A vulnerability classified as critical has been found in Qualcomm Snapdragon Mobile and Snapdragon Wear up to SDA660 (Chip Software). This affects some unknown functionality of the component TZ. The manipulation with an unknown input leads to a array index vulnerability. CWE is classifying the issue as CWE-129. The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

The bug was discovered 10/01/2018. The weakness was shared 10/26/2018 (Website). The advisory is shared at qualcomm.com. This vulnerability is uniquely identified as CVE-2018-5914 since 01/18/2018. The exploitability is told to be easy. An attack has to be approached locally. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available.

The vulnerability was handled as a non-public zero-day exploit for at least 25 days. During that time the estimated underground price was around $5k-$25k.

Upgrading eliminates this vulnerability.

The entries 120497, 120506, 120507 and 120508 are related to this item.

Productinfo

Type

• Chip Software

Vendor

• Qualcomm

Name

• Snapdragon Mobile
• Snapdragon Wear

Version

• MDM9206
• MDM9607
• MDM9650
• SD 210-SD 212-SD 205
• SD 425
• SD 430
• SD 450
• SD 625
• SD 650-52
• SD 835
• SDA660

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion