CVE-2019-14025 Information
Feb 14, 2021
cve
Description
u’When a new session is created Object is returned that contains TZ addresses and it get passed to HLOS as an handle to refer to a particular session and can cause TZ to jump to a invalid address’ in Snapdragon Auto Snapdragon Compute Snapdragon Consumer IOT Snapdragon Industrial IOT Snapdragon Mobile Snapdragon Wired Infrastructure and Networking in Kamorta QCS404 QCS610 Rennell SC7180 SDX55 SM6150 SM7150 SM8250 SXR2130
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Reference
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
NONE
Base Severity
5.5
Share on: