Today > | 4 High | 23 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2017-9711

Nov. 25, 2024, 7:10 p.m.

CVSS Score

6.7 / 10

Products Impacted

Vendor Product Versions
qualcomm
  • mdm9206_firmware
  • mdm9206
  • mdm9607_firmware
  • mdm9607
  • mdm9640_firmware
  • mdm9640
  • mdm9650_firmware
  • mdm9650
  • msm8909w_firmware
  • msm8909w
  • sd_210_firmware
  • sd_210
  • sd_212_firmware
  • sd_212
  • sd_205_firmware
  • sd_205
  • sd_425_firmware
  • sd_425
  • sd_430_firmware
  • sd_430
  • sd_450_firmware
  • sd_450
  • sd_615_firmware
  • sd_615
  • sd_616_firmware
  • sd_616
  • sd_415_firmware
  • sd_415
  • sd_617_firmware
  • sd_617
  • sd_625_firmware
  • sd_625
  • sd_650_firmware
  • sd_650
  • sd_652_firmware
  • sd_652
  • sd_810_firmware
  • sd_810
  • sd_820_firmware
  • sd_820
  • sd_820a_firmware
  • sd_820a
  • sd_835_firmware
  • sd_835
  • sd_845_firmware
  • sd_845
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -

Description

Certain unprivileged processes are able to perform IOCTL calls.

Weaknesses

CWE-264
None

None

CWE ID: 264

Date

Published: Nov. 22, 2024, 10:15 a.m.

Last Modified: Nov. 25, 2024, 7:10 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

CPEs

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm mdm9206_firmware - / / / / / / /
h qualcomm mdm9206 - / / / / / / /
o qualcomm mdm9607_firmware - / / / / / / /
h qualcomm mdm9607 - / / / / / / /
o qualcomm mdm9640_firmware - / / / / / / /
h qualcomm mdm9640 - / / / / / / /
o qualcomm mdm9650_firmware - / / / / / / /
h qualcomm mdm9650 - / / / / / / /
o qualcomm msm8909w_firmware - / / / / / / /
h qualcomm msm8909w - / / / / / / /
o qualcomm sd_210_firmware - / / / / / / /
h qualcomm sd_210 - / / / / / / /
o qualcomm sd_212_firmware - / / / / / / /
h qualcomm sd_212 - / / / / / / /
o qualcomm sd_205_firmware - / / / / / / /
h qualcomm sd_205 - / / / / / / /
o qualcomm sd_425_firmware - / / / / / / /
h qualcomm sd_425 - / / / / / / /
o qualcomm sd_430_firmware - / / / / / / /
h qualcomm sd_430 - / / / / / / /
o qualcomm sd_450_firmware - / / / / / / /
h qualcomm sd_450 - / / / / / / /
o qualcomm sd_615_firmware - / / / / / / /
h qualcomm sd_615 - / / / / / / /
o qualcomm sd_616_firmware - / / / / / / /
h qualcomm sd_616 - / / / / / / /
o qualcomm sd_415_firmware - / / / / / / /
h qualcomm sd_415 - / / / / / / /
o qualcomm sd_617_firmware - / / / / / / /
h qualcomm sd_617 - / / / / / / /
o qualcomm sd_625_firmware - / / / / / / /
h qualcomm sd_625 - / / / / / / /
o qualcomm sd_650_firmware - / / / / / / /
h qualcomm sd_650 - / / / / / / /
o qualcomm sd_652_firmware - / / / / / / /
h qualcomm sd_652 - / / / / / / /
o qualcomm sd_810_firmware - / / / / / / /
h qualcomm sd_810 - / / / / / / /
o qualcomm sd_820_firmware - / / / / / / /
h qualcomm sd_820 - / / / / / / /
o qualcomm sd_820a_firmware - / / / / / / /
h qualcomm sd_820a - / / / / / / /
o qualcomm sd_835_firmware - / / / / / / /
h qualcomm sd_835 - / / / / / / /
o qualcomm sd_845_firmware - / / / / / / /
h qualcomm sd_845 - / / / / / / /

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score
6.7
Exploitability Score
0.8
Impact Score
5.9
Base Severity
MEDIUM
CVSS Vector String

The CVSS vector string provides an in-depth view of the vulnerability metrics.

View Vector String

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

References

https://docs.qualcomm.com/ product-security@qualcomm.com