N/A

In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue.

N/A

N/A

多款Qualcomm Snapdragon产品权限许可和访问控制问题漏洞

Qualcomm MSM8909W等都是美国高通（Qualcomm）公司的用于不同平台的中央处理器（CPU）产品。 多款Qualcomm Snapdragon产品中的Telephony存在权限许可和访问控制漏洞，该漏洞源于com.qualcomm.embms部署在拥有不当权限的系统镜像中，并且允许来自Play Store的任意已安装应用程序请求权限。目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。以下产品（用于汽车、移动设备和手表）受到影响：Qualcomm MSM8909W；MSM8996AU

N/A

N/A