What vulnerability does CVE-2018-11922 describe?

CVE-2018-11922 describes a wrong configuration in the Touch Pal application that allows it to collect user behavior data without user awareness.

Which devices are affected by CVE-2018-11922?

CVE-2018-11922 affects devices running specific Qualcomm firmware versions as well as Google Android systems.

What is the potential impact of CVE-2018-11922?

The potential impact of CVE-2018-11922 includes unauthorized collection of user data, leading to privacy concerns and misuse of personal information.

How can I check if my device is vulnerable to CVE-2018-11922?

To check if your device is vulnerable to CVE-2018-11922, verify the configuration of the Touch Pal application and the firmware version of your Qualcomm chip.

Is there a fix available for CVE-2018-11922?

Yes, a fix for CVE-2018-11922 can typically be applied through updates to the Touch Pal application or firmware updates released by the device manufacturer.

Vulnerability/
CVE-2018-11922

critical

9.8

CWE

3/12/2018

26/11/2024

9/1/2025

CVE-2018-11922: Configurations in Android Build

First published: Mon Dec 03 2018(Updated: )

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Google Android
All of
Qualcomm MDM9206 firmware
Qualcomm MDM9206
All of
Qualcomm MDM9607 firmware
Qualcomm MDM9607
All of
qualcomm mdm9640 firmware
qualcomm MDM9640
All of
Qualcomm MDM9650 firmware
Qualcomm MDM9650
All of
Qualcomm 215 Firmware
Qualcomm 215
All of
qualcomm SD 210 firmware
qualcomm SD 210
All of
qualcomm SD 212 firmware
qualcomm SD 212
All of
qualcomm SD 205 firmware
qualcomm SD 205
All of
qualcomm SD 425 firmware
qualcomm SD 425
All of
Qualcomm SD 427 firmware
Qualcomm SD 427
All of
Qualcomm SD 430 firmware
Qualcomm SD 430
All of
Qualcomm SD 435 firmware
Qualcomm SD 435
All of
Qualcomm SD 439 firmware
Qualcomm SD 439
All of
Qualcomm SD 429 firmware
Qualcomm SD 429
All of
Qualcomm SD 450 firmware
Qualcomm SD 450
All of
qualcomm SD 625 firmware
qualcomm SD 625
All of
Qualcomm SD 632 firmware
Qualcomm SD 632
All of
qualcomm SD 845 firmware
qualcomm SD 845
All of
qualcomm SD 850 firmware
qualcomm SD 850
All of
qualcomm SDA660 firmware
qualcomm SDA660
All of
qualcomm SDM439 firmware
qualcomm SDM439
All of
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What vulnerability does CVE-2018-11922 describe?
CVE-2018-11922 describes a wrong configuration in the Touch Pal application that allows it to collect user behavior data without user awareness.
Which devices are affected by CVE-2018-11922?
CVE-2018-11922 affects devices running specific Qualcomm firmware versions as well as Google Android systems.
What is the potential impact of CVE-2018-11922?
The potential impact of CVE-2018-11922 includes unauthorized collection of user data, leading to privacy concerns and misuse of personal information.
How can I check if my device is vulnerable to CVE-2018-11922?
To check if your device is vulnerable to CVE-2018-11922, verify the configuration of the Touch Pal application and the firmware version of your Qualcomm chip.
Is there a fix available for CVE-2018-11922?
Yes, a fix for CVE-2018-11922 can typically be applied through updates to the Touch Pal application or firmware updates released by the device manufacturer.