Unrated severityNVD Advisory· Published Sep 8, 2020· Updated Aug 5, 2024
CVE-2019-14089
CVE-2019-14089
Description
u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Affected products
2- Qualcomm, Inc./Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networkingv5Range: Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Patches
Vulnerability mechanics
References
1- www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.