VDB

CVE-2019-10601

CVE-2019-10601 PUBLISHED CVSS 7.800000190734863 HIGH

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150

EPSS 0.03% · 10.1th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.03%
10.1th percentile

Affected Products

VendorProductVersions
qualcommsdm660_firmware
Qualcomm, Inc.Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and NetworkingAPQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150
qualcommsm7150_firmware
qualcommsdm630_firmware
qualcommsm6150_firmware
qualcommipq8064_firmware
qualcommmsm8996au_firmware
qualcommipq4019_firmware
qualcommsm8150_firmware
qualcommsdm636_firmware
qualcommipq8074_firmware
qualcommnicobar_firmware
qualcommqcn7605_firmware
qualcommqca6574au_firmware
qualcommapq8096au_firmware
qualcommqcs405_firmware
qualcommsdm845_firmware

Timeline

  • Dec 2, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›