{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T17:28:34.976","vulnerabilities":[{"cve":{"id":"CVE-2017-18313","sourceIdentifier":"product-security@qualcomm.com","published":"2018-10-23T13:29:02.837","lastModified":"2024-11-21T03:19:50.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is located within the authenticated image in Snapdragon Mobile and Snapdragon Wear in version MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 617."},{"lang":"es","value":"En ciertos modos de operaciones, HLOS podrĂ­a ser capaz de obtener acceso directo o indirecto mediante los canales DXE para manipular el firmware WCNSS autenticado almacenado en DDR debido a que la memoria DXE accesible se ubica en la imagen autenticada en Snapdragon Mobile y Snapdragon Wear en versiones MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415 y SD 617."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:M/Au:N/C:N/I:C/A:N","baseScore":5.7,"accessVector":"ADJACENT_NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"COMPLETE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":5.5,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FE28A59C-7AA6-4B85-84E8-07852B96108E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*","matchCriteriaId":"5DEE828B-09A7-4AC1-8134-491A7C87C118"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA80D57-3191-47CF-AD3F-9F2D64E443FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*","matchCriteriaId":"B2AFB212-F01A-4CEB-8DB4-2E0CC2308CB6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E0986EF1-0974-488E-84C4-6880F876CE55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*","matchCriteriaId":"8C08BA58-2EBC-4A22-85A4-2ECD54693B9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27110478-4C08-49E6-BD53-8BAAD9D5BD65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*","matchCriteriaId":"3664D302-D22A-4B25-B534-3097AE2F8573"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F683C42D-A310-4369-9689-3DBC9288591E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*","matchCriteriaId":"0EADE10A-0F63-4149-8F03-030673D6D7CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A78C9449-5EB0-459B-AA72-EFF00592C30A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*","matchCriteriaId":"2D583172-F1F1-4DF8-99CE-B94A84D14CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"549E6F7E-A54F-423F-BD4A-A8FB97DBD39E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*","matchCriteriaId":"992C3835-7183-4D96-8647-DD9916880323"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A7B95CCC-37F1-4768-8D64-CA2028E93E03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*","matchCriteriaId":"D1426161-4F7C-44B1-AA9E-EA661AA68947"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ECF81213-DE2D-4C4B-99E8-71AFD87E92CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_415:-:*:*:*:*:*:*:*","matchCriteriaId":"95E826EF-343B-47FA-AB54-F13E868CE6A7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D27A1760-8D1B-4172-B6CE-65C72332F103"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_617:-:*:*:*:*:*:*:*","matchCriteriaId":"CC5F96F1-D3FB-482B-A3C8-57BA4DE86D5E"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components","source":"product-security@qualcomm.com","tags":["Third Party Advisory"]},{"url":"https://www.qualcomm.com/company/product-security/bulletins","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.qualcomm.com/company/product-security/bulletins","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}