Unauthenticated Manipulation Vulnerability in Snapdragon Automobile and Mobile Devices

Unauthenticated Manipulation Vulnerability in Snapdragon Automobile and Mobile Devices

CVE-2017-18312 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD 820A

Learn more about our Mobile App Penetration Testing.