Integer Truncation Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Industrial IOT, Mobile, and more

Integer Truncation Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Industrial IOT, Mobile, and more

CVE-2019-10624 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130

Learn more about our Industrial Pen Testing.