Vulnerability
CVE-2018-13901
Location: OS
Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660
Impact
Severity (Manufact.)
N/A
Severity (NIST)
5.5
Severity (Android)
N/A
Chipsets
20
Devices
650
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8909 | Snapdragon 210 | Qualcomm |
| MSM8909AA | Snapdragon 212 | Qualcomm |
| MSM8929 | Snapdragon 415 | Qualcomm |
| MSM8939 | Snapdragon 615 | Qualcomm |
| SDM630 | Snapdragon 630 | Qualcomm |
| SDM636 | Snapdragon 636 | Qualcomm |
| MSM8956 | Snapdragon 650 | Qualcomm |
| SDM660 | Snapdragon 660 | Qualcomm |
| SDM670 | Snapdragon 670 | Qualcomm |
| SM6150 | Snapdragon 675 | Qualcomm |
20 of 20 row(s) shown.
Rows per page
Page 1 of 2
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2014
Reported:
Aug 8, 2018
Advisory Published:
May 6, 2019
CVE Published:
Jun 14, 2019
Android Patch Level:
None
