{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T19:20:21.700","vulnerabilities":[{"cve":{"id":"CVE-2019-2278","sourceIdentifier":"product-security@qualcomm.com","published":"2019-07-25T17:15:12.817","lastModified":"2024-11-21T04:40:36.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660"},{"lang":"es","value":"La firma del almacén de claves de usuario es ignorada en el arranque y puede conllevar a omitir la comprobación de la firma de la imagen de arranque en los productos Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile en las versiones MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A35FECFB-60AE-42A8-BCBB-FEA7D5826D49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*","matchCriteriaId":"E9765187-8653-4D66-B230-B2CE862AC5C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7FD1C359-C79B-4CE8-A192-5AA34D0BF05B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*","matchCriteriaId":"716B747E-672C-4B95-9D8E-1262338E67EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C56BC939-2FE8-4AB4-B638-35C83B224005"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*","matchCriteriaId":"E36C12E2-7064-41E6-B357-3F0E6E6D0A0F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8175FC2D-8B9C-4461-BEAE-E9C688E8A63B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*","matchCriteriaId":"92CD09CE-75CC-418F-AB16-4685141BDE36"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BE5C66CC-B00C-4581-B8FB-0632232E480D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*","matchCriteriaId":"87F57247-08CD-473E-A517-F9E85BFC7BEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55604764-FC96-451C-BB9B-9AD72EF5D245"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*","matchCriteriaId":"71CEDACD-D22B-4CCD-93DA-B79CB74BDA22"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E07C621F-0BC0-40C1-9678-1AF6498AC487"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*","matchCriteriaId":"9C621A62-E346-406B-9D20-8FF6C2B0851F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"06E0CC35-AC20-42D7-8FEA-CA4685E33E72"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*","matchCriteriaId":"4A2C4DED-2367-4736-A0AF-C8356F1271AD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE94E380-CB75-462E-B411-BF38F17D53B2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*","matchCriteriaId":"0947F38F-3DC2-45F1-B3B3-963922F32054"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_712_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6BFF8872-645F-4A05-BAF9-7797CFBE37C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_712:-:*:*:*:*:*:*:*","matchCriteriaId":"9CB91AFF-C149-4F5C-92EC-E78E66935528"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_710_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B529780-DB0A-4F9C-AE63-6DEC593B86E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_710:-:*:*:*:*:*:*:*","matchCriteriaId":"669E7360-E8C3-4BB8-A3B6-61BD58AFAF62"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_670_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D49606C5-7306-4F33-864C-C1905594F09C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_670:-:*:*:*:*:*:*:*","matchCriteriaId":"B43964AF-7CEC-420A-935B-D3895B2BAC70"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0A2D2B3B-CB28-46AA-9117-A7FA371FDE80"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_845:-:*:*:*:*:*:*:*","matchCriteriaId":"DE18BF66-B0DB-48BB-B43A-56F01821F5A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0C10C7CB-3B66-4F17-8146-6A85611E2BA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_850:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DA765F-53DE-4FB0-B825-6C11B3177641"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"24D7B67C-6FEC-48F8-9D46-778E4528BC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*","matchCriteriaId":"05006807-D961-446C-B8DC-C87507F1316E"}]}]}],"references":[{"url":"https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin","source":"product-security@qualcomm.com","tags":["Patch","Third Party Advisory"]},{"url":"https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}