mdm9615 firmware · threatengine.sh

Home/Product/qualcomm mdm9615 firmware

Product

qualcomm mdm9615 firmware

154 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

Memory corruption in Audio while processing RT proxy port register driver.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption while using the UIM diag command to get the operators name.

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Transient DOS due to improper authorization in Modem

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Memory corruption in modem due to buffer overflow while processing a PPP packet

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Sna

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Sn

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Sna

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Comp

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Comput

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdrag

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Co

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Comp

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, S

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Sn

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Sna

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapd

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra

u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operatio

u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdr

A possible buffer overflow would occur while processing command from firmware due to the group_id obtained from the firmware being

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overf

Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdra

Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attac

Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/ cs_serv_n

Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Sna

Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compu

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overf

String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdra

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Au

Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon

Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdr

Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of s

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS

Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdrag

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cm

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon

Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdr

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Au

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapd

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Comp

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consum

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdra

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Cons

While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdr

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon A

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdrag

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon A

When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of bound

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Com

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the cont

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm kn

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdra

Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compu

Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, S

Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA fi

Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, S

Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdr

Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT,

Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Co

Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow

Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon m

Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9

Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607,

Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in

Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, M

Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625

Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdrag

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9615, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FS

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810,

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FS

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, SD 210/SD 212/SD 205,

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MD

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 2

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, M

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 2

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM920

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin