Integer overflow to buffer overflow vulnerability in WLAN parsing nonstandard NAN IE messages in multiple Snapdragon platforms and products

Integer overflow to buffer overflow vulnerability in WLAN parsing nonstandard NAN IE messages in multiple Snapdragon platforms and products

CVE-2019-14135 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Learn more about our Industrial Pen Testing.