Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 636, SDA660, SDM630, SDM660, SDX20

Metrics

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:P/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Qualcomm
  • Mdm9206
  • Mdm9206 Firmware
  • Mdm9607
  • Mdm9607 Firmware
  • Mdm9650
  • Mdm9650 Firmware
  • Sd 205
  • Sd 205 Firmware
  • Sd 210
  • Sd 210 Firmware
  • Sd 212
  • Sd 212 Firmware
  • Sd 625
  • Sd 625 Firmware
  • Sd 636
  • Sd 636 Firmware
  • Sda660
  • Sda660 Firmware
  • Sdm630
  • Sdm630 Firmware
  • Sdm660
  • Sdm660 Firmware
  • Sdx20
  • Sdx20 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_625:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2019-01-18T22:00:00

Updated: 2024-08-05T08:01:52.853Z

Reserved: 2018-05-18T00:00:00

Link: CVE-2018-11284

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-01-18T22:29:00.457

Modified: 2024-11-21T03:43:03.323

Link: CVE-2018-11284

cve-icon Redhat

No data.