CVE-2018-3591
Description
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the default build configuration of deviceprogrammer in BOOT.BF.3.0 enables the flag SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM which will open up the peek and poke commands to any memory location on the target.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A Qualcomm bootloader configuration flaw on Android devices allows arbitrary memory access by enabling SKIP_SECBOOT_CHECK.
Vulnerability
The default build configuration of the deviceprogrammer tool in Qualcomm BOOT.BF.3.0 enabled the flag SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM on several Snapdragon Mobile and Snapdragon Wear platforms [1]. This configuration was present in Android security patch level before 2018-04-05. Affected chipsets include: MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016 [1].
Exploitation
An attacker with physical or local access to the device could use the deviceprogrammer utility to issue peek and poke commands, which allow reading and writing arbitrary memory locations [1]. The vulnerability requires that the device is in a mode where deviceprogrammer is accessible, but no authentication or special privileges beyond physical access are needed because the secure boot check is intentionally bypassed [1].
Impact
Successful exploitation provides the attacker with arbitrary read and write access to the entire memory space of the target device [1]. This can lead to full compromise of confidentiality, integrity, and availability, including the ability to extract sensitive data, inject malicious code, or permanently alter firmware.
Mitigation
The vulnerability was fixed in the Android security patch level 2018-04-05 [1]. Users should ensure their devices receive this update. No workaround is mentioned in the reference, and the affected platform is not listed on the CISA KEV.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: < 2018-04-05 security patch level
- Qualcomm, Inc./Snapdragon Mobile, Snapdragon Wearv5Range: MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.