CVE-2017-18292: CVE-2017-18292

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-18292

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Qualcomm Snapdragon产品输入验证漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Qualcomm MSM8909W等都是美国高通（Qualcomm）公司的用于不同平台的中央处理器（CPU）产品。多款Qualcomm Snapdragon产品中存在输入验证漏洞。攻击者可通过不断的调用Widevine app API利用该漏洞造成系统重启。以下产品（用于汽车、移动设备和手表）受到影响：Qualcomm MSM8909W；MSM8996AU；SD 210；SD 212；SD 205；SD 410/12；SD 425；SD 430；SD 450；SD 615/16；SD 415；SD 61

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Qualcomm, Inc.	Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear	MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A	-

II. Public POCs for CVE-2017-18292

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-18292

Please Login to view more intelligence information

https://www.qualcomm.com/company/product-security/bulletinsx_refsource_CONFIRM
https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-componentsx_refsource_CONFIRM
http://www.securitytracker.com/id/1041432vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-18292

IV. Related Vulnerabilities

Same product: Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear

Same vendor: Qualcomm, Inc.

V. Comments for CVE-2017-18292

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2017-18292

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-18292

III. Intelligence Information for CVE-2017-18292

IV. Related Vulnerabilities

V. Comments for CVE-2017-18292

Leave a comment