{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T12:18:03.904","vulnerabilities":[{"cve":{"id":"CVE-2016-10486","sourceIdentifier":"product-security@qualcomm.com","published":"2018-04-18T14:29:13.557","lastModified":"2024-11-21T02:44:06.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 820A, PD failure reason string from user PD is used directly in root PD, so if the buffer parameter is non-NULL terminated in Diag F3 APIs, a buffer overread occurs."},{"lang":"es","value":"En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Automobile y Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820 y SD 820A, la cadena PD de motivo de error se usa directamente en root PD. Por lo tanto, si el parámetro del búfer no se termina en NULL en las API Diag F3, ocurre una sobrelectura de búfer."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7FD1C359-C79B-4CE8-A192-5AA34D0BF05B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*","matchCriteriaId":"716B747E-672C-4B95-9D8E-1262338E67EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"65E5C59A-ABCF-4F62-8C6D-ECDACDAA83C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*","matchCriteriaId":"1F8F856B-70D7-4A1A-8257-90AAAE62CD6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA80D57-3191-47CF-AD3F-9F2D64E443FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*","matchCriteriaId":"B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E0986EF1-0974-488E-84C4-6880F876CE55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*","matchCriteriaId":"8C08BA58-2EBC-4A22-85A4-2ECD54693B9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27110478-4C08-49E6-BD53-8BAAD9D5BD65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*","matchCriteriaId":"3664D302-D22A-4B25-B534-3097AE2F8573"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E07C621F-0BC0-40C1-9678-1AF6498AC487"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*","matchCriteriaId":"9C621A62-E346-406B-9D20-8FF6C2B0851F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D27A1760-8D1B-4172-B6CE-65C72332F103"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*","matchCriteriaId":"CC5F96F1-D3FB-482B-A3C8-57BA4DE86D5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"06E0CC35-AC20-42D7-8FEA-CA4685E33E72"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*","matchCriteriaId":"4A2C4DED-2367-4736-A0AF-C8356F1271AD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BC1650DB-FDF8-4BE5-9437-8ADA11A07116"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_650:-:*:*:*:*:*:*:*","matchCriteriaId":"B51DD51F-4BDE-497B-89E5-551D10CF3442"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0752054B-2C29-4490-ADC8-29F82BAA17E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_652:-:*:*:*:*:*:*:*","matchCriteriaId":"005038B5-BCB7-4A23-8562-ACEF6E156C1F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_808_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"33257838-2D70-4C43-8EE8-7538764EFFD9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_808:-:*:*:*:*:*:*:*","matchCriteriaId":"1B2D83E1-F1F2-48E5-B3E0-806DAB14B60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95B4B4D4-0357-4E1D-9B72-635106D632CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_810:-:*:*:*:*:*:*:*","matchCriteriaId":"2F992088-5E31-4625-8C3B-CE7F946C61F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E077FC03-F86F-417A-A3E6-BC88CB85C6F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820:-:*:*:*:*:*:*:*","matchCriteriaId":"E016356C-94ED-4CDD-8351-97D265FE036E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_820a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E08016A2-E4FE-4E9C-A915-C66BE157AFB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_820a:-:*:*:*:*:*:*:*","matchCriteriaId":"018452D0-007C-4740-B2AF-E5C8BBAC310F"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103671","source":"product-security@qualcomm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2018-04-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}