First published: Mon Dec 03 2018(Updated: )
Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Mdm9607 Firmware | ||
Qualcomm Mdm9607 | ||
Qualcomm Mdm9615 Firmware | ||
Qualcomm Mdm9615 | ||
Qualcomm Mdm9625 Firmware | ||
Google Android | ||
Google Android | ||
Qualcomm Mdm9635m | ||
Qualcomm Mdm9640 Firmware | ||
Qualcomm Mdm9640 | ||
Qualcomm Mdm9645 Firmware | ||
Qualcomm Mdm9645 | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Mdm9655 Firmware | ||
Qualcomm Mdm9655 | ||
Qualcomm Msm8909w Firmware | ||
Qualcomm Msm8909w | ||
Qualcomm Sd 210 Firmware | ||
Qualcomm Sd 210 | ||
Qualcomm Sd 212 Firmware | ||
Qualcomm Sd 212 | ||
Qualcomm Sd 205 Firmware | ||
Qualcomm Sd 205 | ||
Qualcomm Sd 410 Firmware | ||
Qualcomm Sd 410 | ||
Qualcomm Sd 412 Firmware | ||
Qualcomm Sd 412 | ||
Qualcomm Sd 425 Firmware | ||
Qualcomm Sd 425 | ||
Qualcomm Sd 427 Firmware | ||
Qualcomm Sd 427 | ||
Qualcomm Sd 430 Firmware | ||
Qualcomm Sd 430 | ||
Qualcomm Sd 435 Firmware | ||
Qualcomm Sd 435 | ||
Qualcomm Sd 450 Firmware | ||
Qualcomm Sd 450 | ||
Qualcomm Sd 615 Firmware | ||
Qualcomm Sd 615 | ||
Qualcomm Sd 616 Firmware | ||
Qualcomm Sd 616 | ||
Qualcomm Sd 415 Firmware | ||
Qualcomm Sd 415 | ||
Qualcomm Sd 625 Firmware | ||
Qualcomm Sd 625 | ||
Qualcomm Sd 636 Firmware | ||
Qualcomm Sd 636 | ||
Qualcomm Sd 650 Firmware | ||
Qualcomm Sd 650 | ||
Qualcomm Sd 652 Firmware | ||
Qualcomm Sd 652 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 | ||
Google Android | ||
Qualcomm Sd 810 | ||
Qualcomm Sd 820 Firmware | ||
Qualcomm Sd 820 | ||
Qualcomm Sd 835 Firmware | ||
Qualcomm Sd 835 | ||
Qualcomm Sda660 Firmware | ||
Qualcomm Sda660 | ||
Qualcomm Sdm630 Firmware | ||
Qualcomm Sdm630 | ||
Qualcomm Sdm660 Firmware | ||
Qualcomm Sdm660 | ||
Qualcomm Snapdragon High Med 2016 Firmware | ||
Qualcomm Snapdragon High Med 2016 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-18326 is a vulnerability in Snapdragon mobile and Snapdragon Wear devices that allows cryptographic keys to be printed in modem debug messages.
CVE-2017-18326 affects Snapdragon mobile and Snapdragon Wear devices in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650, SD 652, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon High Med 2016.
CVE-2017-18326 has a severity rating of 5.5 (high).
To fix CVE-2017-18326, users should apply the necessary software updates provided by the device manufacturer.
More information about CVE-2017-18326 can be found in the Android Security Bulletin for December 2018 and the provided references.