9.8критическая
CVE-2018-11922
Описание
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
Затрагиваемое ПО
Qualcomm Mdm9206 firmwareQualcomm Mdm9206Qualcomm Mdm9607 firmwareQualcomm Mdm9607Qualcomm Mdm9640 firmwareQualcomm Mdm9640Qualcomm Mdm9650 firmwareQualcomm Mdm9650Qualcomm 215 firmwareQualcomm 215Qualcomm Sd 210 firmwareQualcomm Sd 210Qualcomm Sd 212 firmwareQualcomm Sd 212Qualcomm Sd 205 firmwareQualcomm Sd 205Qualcomm Sd 425 firmwareQualcomm Sd 425Qualcomm Sd 427 firmwareQualcomm Sd 427Qualcomm Sd 430 firmwareQualcomm Sd 430Qualcomm Sd 435 firmwareQualcomm Sd 435Qualcomm Sd 439 firmware
CVSS
| Балл | 9.8 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html