Pre-Activation Disclosure of IMEI/IMEISV in Qualcomm Android Devices

Pre-Activation Disclosure of IMEI/IMEISV in Qualcomm Android Devices

CVE-2015-9064 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.