CVE-2018-11828
Last modified
CVE-2018-11828 is a vulnerability of currently unknown severity. When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52. EPSS estimates a 1.12% chance of exploitation in the next 30 days.
Description
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Sd 210 Firmware | All versions |
| Qualcomm | Sd 212 Firmware | All versions |
| Qualcomm | Sd 205 Firmware | All versions |
| Qualcomm | Sd 425 Firmware | All versions |
| Qualcomm | Sd 430 Firmware | All versions |
| Qualcomm | Sd 450 Firmware | All versions |
| Qualcomm | Sd 625 Firmware | All versions |
| Qualcomm | Sd 650 Firmware | All versions |
| Qualcomm | Sd 652 Firmware | All versions |
References
- http://www.securityfocus.com/bid/107681Third Party Advisory, VDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
- http://www.securityfocus.com/bid/107681Third Party Advisory, VDB Entry
- https://www.qualcomm.com/company/product-security/bulletinsVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-11828?
How severe is CVE-2018-11828?
How do I fix CVE-2018-11828?
Are you affected by CVE-2018-11828?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST