CVE-2018-11922INC Snapdragon vulnerability

CWE-163 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 62.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qualcomm INC SnapdragonGoogle Android
Timeline
PublishedNov 26

Description

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5qualcomm_inc/snapdragon18 versions+17

🔴Vulnerability Details

1
GHSA
GHSA-92v2-fpqg-mwfv: Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user2024-11-26

📋Vendor Advisories

1
Android
CVE-2018-11922: Closed-source component2018-12-01