{"containers": {"cna": {"affected": [{"product": "Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}]}], "descriptions": [{"lang": "en", "value": "Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}], "problemTypes": [{"descriptions": [{"description": "Buffer Over-read Issue in WLAN", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-16T10:46:19.000Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2019-14134", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking", "version": {"version_data": [{"version_value": "IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}]}}]}, "vendor_name": "Qualcomm, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer Over-read Issue in WLAN"}]}]}, "references": {"reference_data": [{"name": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:12:42.225Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"}]}]}, "cveMetadata": {"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2019-14134", "datePublished": "2020-04-16T10:46:19.000Z", "dateReserved": "2019-07-19T00:00:00.000Z", "dateUpdated": "2024-08-05T00:12:42.225Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "022D7D87-F60F-4DD2-9E0B-A9DFD3D69B22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*", "matchCriteriaId": "37FA5777-1B35-4BD1-BB81-CB5DE62F3D56", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "00865826-86AE-425F-BE6F-162F611FB200", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CC0441C-C30B-4D99-9BAD-C1E4387302BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D045BE4B-BC19-4A51-90E6-00C18389C81B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F006960-CDE3-4E74-B4F0-2C4B2CA93959", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DED4B719-53B5-4D16-B3FA-ADE29D28ED86", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*", "matchCriteriaId": "D342C86B-E184-457C-9F72-BD853ED79425", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm850_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3ADE826-C55D-4731-80B9-164FEA290FAC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm850:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ED4F8FE-32DB-4696-A3AD-A9D7CB7E513A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ABE492A-3755-4969-9DEB-4B85EBB84644", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3D3787B-6ACC-4591-B041-01307ED66C36", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63A748F-2236-4486-83F1-DE4BCBE5D56D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*", "matchCriteriaId": "184F3DFC-27E8-48AC-B46C-C589DBCBF030", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "096F7BA5-FF58-416B-93EF-733B16326C86", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AF958FB-1611-4102-A2DB-8D4311AE0D72", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}, {"lang": "es", "value": "Un posible acceso fuera de l\u00edmite en el manejador WLAN cuando el valor de longitud recibido en la ruta rx es m\u00e1s corto que el valor esperado del IE del pa\u00eds en los productos Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Infraestructura cableada y redes en IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130"}], "id": "CVE-2019-14134", "lastModified": "2024-11-21T04:26:08.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-16T11:15:15.557", "references": [{"source": "product-security@qualcomm.com", "tags": ["Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}