Unrated severityNVD Advisory· Published Jun 2, 2020· Updated Aug 5, 2024

CVE-2019-14054

Description

Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130

Affected products

Qualcomm/Snapdragon Computellm-fuzzy
Qualcomm/Snapdragon Mobilellm-fuzzy
Qualcomm/Snapdragon Consumer IOTllm-fuzzy
Qualcomm/Snapdragon Industrial IOTllm-fuzzy
Qualcomm/Snapdragon Wired Infrastructure and Networkingllm-fuzzy
Qualcomm, Inc./Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networkingv5
Range: Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.qualcomm.com/company/product-security/bulletins/may-2020-bulletinmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000