{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T11:53:37.835","vulnerabilities":[{"cve":{"id":"CVE-2016-10409","sourceIdentifier":"product-security@qualcomm.com","published":"2018-04-18T14:29:09.713","lastModified":"2024-11-21T02:43:56.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers."},{"lang":"es","value":"En Android, antes del nivel de parche de seguridad del 2018-04-05 y antes en Qualcomm Snapdragon Automobile y Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A y SD 835, podría ocurrir una vulnerabilidad TOCTOU mientras se compone la petición RPMB empleando búfers controlados por HLOS."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C56BC939-2FE8-4AB4-B638-35C83B224005"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*","matchCriteriaId":"E36C12E2-7064-41E6-B357-3F0E6E6D0A0F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BE5C66CC-B00C-4581-B8FB-0632232E480D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*","matchCriteriaId":"87F57247-08CD-473E-A517-F9E85BFC7BEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E07C621F-0BC0-40C1-9678-1AF6498AC487"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*","matchCriteriaId":"9C621A62-E346-406B-9D20-8FF6C2B0851F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"06E0CC35-AC20-42D7-8FEA-CA4685E33E72"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*","matchCriteriaId":"4A2C4DED-2367-4736-A0AF-C8356F1271AD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BC1650DB-FDF8-4BE5-9437-8ADA11A07116"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*","matchCriteriaId":"B51DD51F-4BDE-497B-89E5-551D10CF3442"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0752054B-2C29-4490-ADC8-29F82BAA17E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*","matchCriteriaId":"005038B5-BCB7-4A23-8562-ACEF6E156C1F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E077FC03-F86F-417A-A3E6-BC88CB85C6F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*","matchCriteriaId":"E016356C-94ED-4CDD-8351-97D265FE036E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1CFF35A3-1472-4665-9DAB-1ABC45C0D5B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_835:-:*:*:*:*:*:*:*","matchCriteriaId":"F930E9BF-C502-49C6-8BE8-9A711B89FA1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E08016A2-E4FE-4E9C-A915-C66BE157AFB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*","matchCriteriaId":"018452D0-007C-4740-B2AF-E5C8BBAC310F"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103671","source":"product-security@qualcomm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}