CVE-2017-18171 Details

CVE-2017-18171

Published: 2018-10-23
Last Modified: 2019-10-03
CVE Author: NIST National Vulnerability Database
CVE Assigner: cve@mitre.org
Summary

Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.

Analysis
Common Vulnerability Score System v2.0
Severity High
Base Score 8.3/10
Exploit Score 6.5/10
Access Vector Adjacent_network
Access Complexity Low
Authentication None
Impact Score 10/10
Confidentiality Impact Complete
Availability Impact Complete
Integrity Impact Complete
Vector String AV:A/AC:L/Au:N/C:C/I:C/A:C
Common Vulnerability Score System v3.1
Severity High
Base Score 8.8/10
Exploit Score 2.8/10
Access Vector Adjacent_network
Access Complexity Low
Privileges Required None
Impact Score 5.9/10
Confidentiality Impact High
Availability Impact High
Integrity Impact High
Scope Unchanged
User Interaction None
Vector String CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Products Reported
CPE Vulnerable Start Excluding
cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:* No - -
cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:* No - -
References

https://source.android.com/security/bulletin/2018-07-01#qualcomm-closed-source-components
https://www.qualcomm.com/company/product-security/bulletins

CVE ID
CVE-2017-18171
Published
2018-10-23
Modified
2019-10-03
CVSSv2.0
High
CVSSv3.1
High
PCI Compliance
Fail
US-CERT Alert
No
CWE
CWE-119

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities.