CVE-2018-5883
moderate-risk
Published 2019-06-14
Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (18)
Affected Vendors
References (2)
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-sec...
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-sec...
43
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
19/34 · Moderate