Vulnerability
CVE-2019-10549
Component: CELLULAR
Location: FIRMWARE
Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, Rennell, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.5
Severity (Android)
N/A
Chipsets
16
Devices
815
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8905 | Qualcomm 205 | Qualcomm |
| MSM8909 | Snapdragon 210 | Qualcomm |
| QM215 | Qualcomm 215 | Qualcomm |
| MSM8917 | Snapdragon 425 | Qualcomm |
| MSM8920 | Snapdragon 427 | Qualcomm |
| MSM8937 | Snapdragon 430 | Qualcomm |
| MSM8940 | Snapdragon 435 | Qualcomm |
| SDM429 | Snapdragon 429 | Qualcomm |
| SDM439 | Snapdragon 439 | Qualcomm |
| SDM450 | Snapdragon 450 | Qualcomm |
16 of 16 row(s) shown.
Rows per page
Page 1 of 2
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2014
Reported:
Unknown
Advisory Published:
Mar 2, 2020
CVE Published:
Mar 5, 2020
Android Patch Level:
None
