Vulnerability Name: CVE-2018-11277 (CCN-150328) Assigned: 2018-09-04 Published: 2018-09-04 Updated: 2019-10-03 Summary: In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue. CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): HighAvailibility (A): None
CVSS v2 Severity: 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): CompleteAvailibility (A): None
Vulnerability Type: CWE-732 Vulnerability Consequences: Bypass Security References: Source: MITRECVE-2018-11277 qualcomm-cve201811277-sec-bypass(150328) Security Bulletins https://www.qualcomm.com/company/product-security/bulletins Vulnerable Configuration: Configuration 1 :cpe:/o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:msm8909w:-:*:*:*:*:*:*:* Configuration 2 :cpe:/o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:msm8996au:-:*:*:*:*:*:*:* Configuration 3 :cpe:/o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd210:-:*:*:*:*:*:*:* Configuration 4 :cpe:/o:qualcomm:sd212_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd212:-:*:*:*:*:*:*:* Configuration 5 :cpe:/o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd205:-:*:*:*:*:*:*:* Configuration 6 :cpe:/o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd430:-:*:*:*:*:*:*:* Configuration 7 :cpe:/o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd450:-:*:*:*:*:*:*:* Configuration 8 :cpe:/o:qualcomm:sd615_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd615:-:*:*:*:*:*:*:* Configuration 9 :cpe:/o:qualcomm:sd616_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd616:-:*:*:*:*:*:*:* Configuration 10 :cpe:/o:qualcomm:sd415_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd415:-:*:*:*:*:*:*:* Configuration 11 :cpe:/o:qualcomm:sd617_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd617:-:*:*:*:*:*:*:* Configuration 12 :cpe:/o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd625:-:*:*:*:*:*:*:* Configuration 13 :cpe:/o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd650:-:*:*:*:*:*:*:* Configuration 14 :cpe:/o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd652:-:*:*:*:*:*:*:* Configuration 15 :cpe:/o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd810:-:*:*:*:*:*:*:* Configuration 16 :cpe:/o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd820:-:*:*:*:*:*:*:* Configuration 17 :cpe:/o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd820a:-:*:*:*:*:*:*:* Configuration 18 :cpe:/o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd835:-:*:*:*:*:*:*:* Configuration 19 :cpe:/o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd845:-:*:*:*:*:*:*:* Configuration 20 :cpe:/o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sda660:-:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:* BACK
qualcomm msm8909w firmware -
qualcomm msm8909w -
qualcomm msm8996au firmware -
qualcomm msm8996au -
qualcomm sd210 firmware -
qualcomm sd210 -
qualcomm sd212 firmware -
qualcomm sd212 -
qualcomm sd205 firmware -
qualcomm sd205 -
qualcomm sd430 firmware -
qualcomm sd430 -
qualcomm sd450 firmware -
qualcomm sd450 -
qualcomm sd615 firmware -
qualcomm sd615 -
qualcomm sd616 firmware -
qualcomm sd616 -
qualcomm sd415 firmware -
qualcomm sd415 -
qualcomm sd617 firmware -
qualcomm sd617 -
qualcomm sd625 firmware -
qualcomm sd625 -
qualcomm sd650 firmware -
qualcomm sd650 -
qualcomm sd652 firmware -
qualcomm sd652 -
qualcomm sd810 firmware -
qualcomm sd810 -
qualcomm sd820 firmware -
qualcomm sd820 -
qualcomm sd820a firmware -
qualcomm sd820a -
qualcomm sd835 firmware -
qualcomm sd835 -
qualcomm sd845 firmware -
qualcomm sd845 -
qualcomm sda660 firmware -
qualcomm sda660 -
qualcomm snapdragon mobile -
Denotes that component is vulnerable