CVE-2017-18128 — INC Snapdragon Mobile vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 57.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qualcomm INC Snapdragon Mobile Google Android

Timeline

PublishedApr 11

Latest updateMay 13

Description

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5qualcomm_inc/snapdragon_mobileSD 845, SD 850

▶googlegoogle/android

🔴Vulnerability Details

GHSA

GHSA-mg42-r7gg-v4qh: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecti↗2022-05-13

▶

📋Vendor Advisories

Android

CVE-2017-18128: Closed-source component↗2018-04-01

▶