| Summary | In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, cryptographic issues due to the random number generator was not a strong one in NAN. |
|---|---|
| Publication Date | Sept. 20, 2018, 10:29 p.m. |
| Registration Date | March 1, 2021, 6:45 p.m. |
| Last Update | Nov. 21, 2024, 12:43 p.m. |
| CVSS3.0 : HIGH | |
| スコア | 7.5 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 不要 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | なし |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | なし |
| CVSS2.0 : MEDIUM | |
| Score | 5.0 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | なし |
| 完全性への影響(I) | 低 |
| 可用性への影響(A) | なし |
| Get all privileges. | いいえ |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | いいえ |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca4531_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca4531:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:* | ||||
| Configuration13 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:* | ||||
| Configuration14 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:* | ||||
| Configuration15 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca9378_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca9378:-:*:*:*:*:*:*:* | ||||
| Configuration16 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:* | ||||
| Configuration17 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd425_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd425:-:*:*:*:*:*:*:* | ||||
| Configuration18 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd427_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd427:-:*:*:*:*:*:*:* | ||||
| Configuration19 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd430_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd430:-:*:*:*:*:*:*:* | ||||
| Configuration20 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd435_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd435:-:*:*:*:*:*:*:* | ||||
| Configuration21 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd450_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:* | ||||
| Configuration22 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd600_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd600:-:*:*:*:*:*:*:* | ||||
| Configuration23 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd625_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd625:-:*:*:*:*:*:*:* | ||||
| Configuration24 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd650_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd650:-:*:*:*:*:*:*:* | ||||
| Configuration25 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd652_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd652:-:*:*:*:*:*:*:* | ||||
| Configuration26 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd810_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd810:-:*:*:*:*:*:*:* | ||||
| Configuration27 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:* | ||||
| Configuration28 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd820a_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd820a:-:*:*:*:*:*:*:* | ||||
| Configuration29 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:* | ||||
| Configuration30 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:* | ||||
| Configuration31 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:* | ||||
| Configuration32 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* | ||||
| Configuration33 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:* | ||||
| Configuration34 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm636:-:*:*:*:*:*:*:* | ||||
| Configuration35 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:* | ||||
| Configuration36 | or higher | or less | more than | less than | |
| cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:* | ||||
| Title | 複数の Qualcomm Snapdragon 製品における暗号に関する脆弱性 |
|---|---|
| Summary | Snapdragon (Automobile、Mobile、Wear) には、暗号に関する脆弱性が存在します。 |
| Possible impacts | 情報を改ざんされる可能性があります。 |
| Solution | ベンダ情報および参考情報を参照して適切な対策を実施してください。 |
| Publication Date | June 4, 2018, midnight |
| Registration Date | Dec. 25, 2018, 11:23 a.m. |
| Last Update | Dec. 25, 2018, 11:23 a.m. |
| クアルコム |
| IPQ8074 ファームウェア |
| MDM9206 ファームウェア |
| MDM9607 ファームウェア |
| MDM9640 ファームウェア |
| MDM9650 ファームウェア |
| MSM8996AU ファームウェア |
| QCA4531 ファームウェア |
| QCA6174A ファームウェア |
| QCA6564 ファームウェア |
| QCA6574 ファームウェア |
| QCA6574AU ファームウェア |
| QCA6584 ファームウェア |
| QCA6584AU ファームウェア |
| QCA9377 ファームウェア |
| QCA9378 ファームウェア |
| QCA9379 ファームウェア |
| SD 425 ファームウェア |
| SD 427 ファームウェア |
| SD 430 ファームウェア |
| SD 435 ファームウェア |
| SD 450 ファームウェア |
| SD 600 ファームウェア |
| SD 625 ファームウェア |
| SD 650 ファームウェア |
| SD 652 ファームウェア |
| SD 810 ファームウェア |
| SD 820 ファームウェア |
| SD 820A ファームウェア |
| SD 835 ファームウェア |
| SD 845 ファームウェア |
| SD 850 ファームウェア |
| SDM 630 ファームウェア |
| SDM 632 ファームウェア |
| SDM 636 ファームウェア |
| SDM 660 ファームウェア |
| SDX20 ファームウェア |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2018年12月25日] 掲載 |
Dec. 25, 2018, 11:23 a.m. |