CVE-2018-11888 - OpenCVE

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439, Snapdragon_High_Med_2016.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Qualcomm	Sd 616 Mdm9607 Firmware Msm8996au Mdm9655 Firmware Sd 410 Sdm439 Firmware Sd 429 Sd 820a Sd 652 Sd 427 Sd 450 Firmware Sd 439 Sd 616 Firmware Sdm439 Sd 450 Sd 412 Sd 212 Sd 410 Firmware Sd 820a Firmware Sd 425 Sd 435 Firmware Sd 425 Firmware Sd 835 Sd 650 Firmware Sd 820 Firmware Sd 435 Sd 205 Firmware Sd 430 Firmware Sd 632 Sd 835 Firmware Sd 625 Snapdragon High Med 2016 Firmware Mdm9607 Sd 427 Firmware Sd 8cx Snapdragon High Med 2016 Sd 415 Firmware Sd 615 Sd 652 Firmware Sd 615 Firmware Sd 415 Sd 820 Sd 412 Firmware Sd 210 Firmware Msm8996au Firmware Mdm9650 Sd 212 Firmware Sd 625 Firmware Mdm9655 Sd 430 Sd 632 Firmware Sd 429 Firmware Sd 210 Sd 650 Mdm9650 Firmware Sd 439 Firmware Sd 8cx Firmware Sd 205

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:sd_632_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_632:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_high_med_2016_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_high_med_2016:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/106475	Third Party Advisory
https://www.qualcomm.com/company/product-security/bulletins	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2019-02-11T15:00:00

Updated: 2019-02-12T10:57:01

Reserved: 2018-06-07T00:00:00

Link: CVE-2018-11888

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-02-11T15:29:00.363

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-11888

JSON object: View

Redhat Information

No data.

CWE

CWE-862