{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T18:32:48.915","vulnerabilities":[{"cve":{"id":"CVE-2015-9199","sourceIdentifier":"product-security@qualcomm.com","published":"2018-04-18T14:29:07.887","lastModified":"2024-11-21T02:40:01.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used."},{"lang":"es","value":"En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820 y SD 820A, se realiza una comprobación de una región no segura mientras se registra una dirección de búfer QSEE pasada por HLOS, pero no mientras se registra en el búfer QSEE. Esto significa que la región segura protegida dinámicamente se puede corromper si el búfer no seguro se cambia entre el tiempo en el que se comprueba y cuando se usa."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"94CB547F-0078-47CD-B511-06DE96882D5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*","matchCriteriaId":"AA679375-BB14-4B24-8AD9-B2BFBACE2FDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93AE9CA0-59C4-4C7E-8D5E-E0226117C45A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9625:-:*:*:*:*:*:*:*","matchCriteriaId":"467A5C4D-9909-44B5-9D1B-B746902FF094"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9EF77DD1-BE11-4132-9889-646196FAE567"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*","matchCriteriaId":"CB323C15-2018-4CB8-858E-56F088B03FBB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7FD1C359-C79B-4CE8-A192-5AA34D0BF05B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*","matchCriteriaId":"716B747E-672C-4B95-9D8E-1262338E67EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"35B7E25E-FA92-4C36-883C-CFF36F4B3507"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*","matchCriteriaId":"ECD99C6F-2444-4A5E-A517-0C8023DDF23D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A7AFDBF8-D08A-4C98-B4A4-A4C7049DD05F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*","matchCriteriaId":"520B217E-C02B-493D-8C11-E155E50357B0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA80D57-3191-47CF-AD3F-9F2D64E443FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*","matchCriteriaId":"B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E0986EF1-0974-488E-84C4-6880F876CE55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*","matchCriteriaId":"8C08BA58-2EBC-4A22-85A4-2ECD54693B9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27110478-4C08-49E6-BD53-8BAAD9D5BD65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*","matchCriteriaId":"3664D302-D22A-4B25-B534-3097AE2F8573"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_400_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AC3C20F8-9EFD-457C-B0B2-DA3C44A8B26D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_400:-:*:*:*:*:*:*:*","matchCriteriaId":"4B562043-7A0C-4692-A94F-EF4086BAA654"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F683C42D-A310-4369-9689-3DBC9288591E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*","matchCriteriaId":"0EADE10A-0F63-4149-8F03-030673D6D7CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A78C9449-5EB0-459B-AA72-EFF00592C30A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*","matchCriteriaId":"2D583172-F1F1-4DF8-99CE-B94A84D14CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"549E6F7E-A54F-423F-BD4A-A8FB97DBD39E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*","matchCriteriaId":"992C3835-7183-4D96-8647-DD9916880323"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A7B95CCC-37F1-4768-8D64-CA2028E93E03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*","matchCriteriaId":"D1426161-4F7C-44B1-AA9E-EA661AA68947"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ECF81213-DE2D-4C4B-99E8-71AFD87E92CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*","matchCriteriaId":"95E826EF-343B-47FA-AB54-F13E868CE6A7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"67E0DD11-0B28-4B6D-BDB7-0DBFA34A7187"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*","matchCriteriaId":"551512D0-ED24-4B5A-BEB2-B090BB8DEE0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_808_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"33257838-2D70-4C43-8EE8-7538764EFFD9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_808:-:*:*:*:*:*:*:*","matchCriteriaId":"1B2D83E1-F1F2-48E5-B3E0-806DAB14B60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95B4B4D4-0357-4E1D-9B72-635106D632CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*","matchCriteriaId":"2F992088-5E31-4625-8C3B-CE7F946C61F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E077FC03-F86F-417A-A3E6-BC88CB85C6F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*","matchCriteriaId":"E016356C-94ED-4CDD-8351-97D265FE036E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E08016A2-E4FE-4E9C-A915-C66BE157AFB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*","matchCriteriaId":"018452D0-007C-4740-B2AF-E5C8BBAC310F"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103671","source":"product-security@qualcomm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}