BDU:2025-16032
Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
📄 Описание
Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm связана с использованием памяти после её освобождения. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код
🖥️ Уязвимое ПО
Qualcomm Technologies Inc.
Наименование ПО: WCD9380, WSA8830, WSA8835, CSRA6620, CSRA6640, SD660, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X55 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon AR2 Gen 1 Platform, Snapdragon XR2+ Gen 1 Platform, 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA4155P, QCA6574, QCA6574A, QCA6574AU, Qualcomm® Video Collaboration VC5 Platform, SA4150P, QCA6688AQ, FastConnect 6700, FastConnect 6900, FastConnect 7800, WCD9370, WCN3950, WCN6740, WSA8810, WSA8815, WSA8832, QAM8295P, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCM5430, QCM6490, QCN9012, QCS410, QCS5430, QCS610, QCS6490, SA6155P, SA8155P, SA8195P, SA8295P, SXR2230P, WCD9341, WCD9375, WCD9385, WCN3980, WCN3988, Snapdragon AR1 Gen 1 Platform "Luna1", Snapdragon AR1 Gen 1 Platform, FastConnect 6200, FastConnect 6800, Flight RB5 5G Platform, QCA6391, QCM2290, QCM6125, QCN9011, QCS2290, QCS6125, QCS7230, QCS8250, QRB5165M, QRB5165N, Robotics RB2 Platform, Robotics RB5 Platform, SA6145P, SA6150P, SA8145P, SA8150P, SD865 5G, SM7250P, SM7325P, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 7c+ Gen 3 Compute, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1230P, WCD9326, WCD9335, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3990, Snapdragon 660 Mobile Platform
Версия ПО: - (WCD9380), - (WSA8830), - (WSA8835), - (CSRA6620), - (CSRA6640), - (SD660), - (Snapdragon 865 5G Mobile Platform), - (Snapdragon 865+ 5G Mobile Platform (SM8250-AB)), - (Snapdragon 870 5G Mobile Platform (SM8250-AC)), - (Snapdragon W5+ Gen 1 Wearable Platform), - (Snapdragon X55 5G Modem-RF System), - (Snapdragon XR2 5G Platform), - (Snapdragon 888 5G Mobile Platform), - (Snapdragon 888+ 5G Mobile Platform (SM8350-AC)), - (Snapdragon 765 5G Mobile Platform (SM7250-AA)), - (Snapdragon 765G 5G Mobile Platform (SM7250-AB)), - (Snapdragon 768G 5G Mobile Platform (SM7250-AC)), - (Snapdragon 4 Gen 1 Mobile Platform), - (Snapdragon 460 Mobile Platform), - (Snapdragon 480 5G Mobile Platform), - (Snapdragon 480+ 5G Mobile Platform (SM4350-AC)), - (Snapdragon 662 Mobile Platform), - (Snapdragon 680 4G Mobile Platform), - (Snapdragon 685 4G Mobile Platform (SM6225-AD)), - (Snapdragon 690 5G Mobile Platform), - (Snapdragon 695 5G Mobile Platform), - (Snapdragon 778G 5G Mobile Platform), - (Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)), - (Snapdragon 782G Mobile Platform (SM7325-AF)), - (Snapdragon AR2 Gen 1 Platform), - (Snapdragon XR2+ Gen 1 Platform), - (215 Mobile Platform), - (Qualcomm® Video Collaboration VC1 Platform), - (Qualcomm® Video Collaboration VC3 Platform), - (SA4155P), - (QCA6574), - (QCA6574A), - (QCA6574AU), - (Qualcomm® Video Collaboration VC5 Platform), - (SA4150P), - (QCA6688AQ), - (FastConnect 6700), - (FastConnect 6900), - (FastConnect 7800), - (WCD9370), - (WCN3950), - (WCN6740), - (WSA8810), - (WSA8815), - (WSA8832), - (QAM8295P), - (QCA6595), - (QCA6595AU), - (QCA6696), - (QCA6698AQ), - (QCM5430), - (QCM6490), - (QCN9012), - (QCS410), - (QCS5430), - (QCS610), - (QCS6490), - (SA6155P), - (SA8155P), - (SA8195P), - (SA8295P), - (SXR2230P), - (WCD9341), - (WCD9375), - (WCD9385), - (WCN3980), - (WCN3988), - (Snapdragon AR1 Gen 1 Platform "Luna1"), - (Snapdragon AR1 Gen 1 Platform), - (FastConnect 6200), - (FastConnect 6800), - (Flight RB5 5G Platform), - (QCA6391), - (QCM2290), - (QCM6125), - (QCN9011), - (QCS2290), - (QCS6125), - (QCS7230), - (QCS8250), - (QRB5165M), - (QRB5165N), - (Robotics RB2 Platform), - (Robotics RB5 Platform), - (SA6145P), - (SA6150P), - (SA8145P), - (SA8150P), - (SD865 5G), - (SM7250P), - (SM7325P), - (Snapdragon 4 Gen 2 Mobile Platform), - (Snapdragon 7c+ Gen 3 Compute), - (SSG2115P), - (SSG2125P), - (SW5100), - (SW5100P), - (SXR1230P), - (WCD9326), - (WCD9335), - (WCN3615), - (WCN3660B), - (WCN3680B), - (WCN3910), - (WCN3990), - (Snapdragon 660 Mobile Platform)
Тип ПО: Микропрограммный код, Сетевое средство, Сетевое программное средство
ОС / платформа: —
⚙️ Технические сведения
📊 CVSS
CVSS 2.0
AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS 3.0
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
⚠️ Уровень опасности
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6,8)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 7,8)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 7,8)
🔗 Источники и меры
🏷️ Идентификаторы
📅 Даты