CVE-2016-10502
Last modified
CVE-2016-10502 is a vulnerability of currently unknown severity. While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660.. EPSS estimates a 1.46% chance of exploitation in the next 30 days.
Description
While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9206 Firmware | All versions |
| Qualcomm | Mdm9607 Firmware | All versions |
| Qualcomm | Mdm9650 Firmware | All versions |
| Qualcomm | Sd 210 Firmware | All versions |
| Qualcomm | Sd 212 Firmware | All versions |
| Qualcomm | Sd 205 Firmware | All versions |
| Qualcomm | Sd 835 Firmware | All versions |
| Qualcomm | Sda660 Firmware | All versions |
References
- http://www.securityfocus.com/bid/105838Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2018-11-01#qualcomm-componentsThird Party Advisory
- http://www.securityfocus.com/bid/105838Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2018-11-01#qualcomm-componentsThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-10502?
How severe is CVE-2016-10502?
How do I fix CVE-2016-10502?
Are you affected by CVE-2016-10502?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST