CVE-2016-10408 HIGH

CVE-2016-10408: Improper Access Control in Core.

Vendor Qualcomm, Inc.
Product Snapdragon
Weakness CWE-284
Published November 26, 2024
Last update November 26, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.

Key dates

02Disclosure timeline

November 26, 2024 CVE published
November 26, 2024 Record updated