CVE-2017-18143 — INC Snapdragon Mobile vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 55.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qualcomm INC Snapdragon Mobile Google Android

Timeline

PublishedApr 11

Latest updateMay 13

Description

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5qualcomm_inc/snapdragon_mobileSD 845, SD 850

▶googlegoogle/android

🔴Vulnerability Details

GHSA

GHSA-qxf7-7mh5-3w6r: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugg↗2022-05-13

▶

📋Vendor Advisories

Android

CVE-2017-18143: Closed-source component↗2018-04-01

▶