- Description
- Privilege escalation by using an altered debug policy image can occur as the XPU protecting the debug policy regions are disabled during the crash dump boot flow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018
- Source
- product-security@qualcomm.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-862
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]