What vulnerability does CVE-2018-11922 describe?

CVE-2018-11922 describes a wrong configuration in the Touch Pal application that allows it to collect user behavior data without user awareness.

Which devices are affected by CVE-2018-11922?

CVE-2018-11922 affects devices running specific Qualcomm firmware versions as well as Google Android systems.

What is the potential impact of CVE-2018-11922?

The potential impact of CVE-2018-11922 includes unauthorized collection of user data, leading to privacy concerns and misuse of personal information.

How can I check if my device is vulnerable to CVE-2018-11922?

To check if your device is vulnerable to CVE-2018-11922, verify the configuration of the Touch Pal application and the firmware version of your Qualcomm chip.

Is there a fix available for CVE-2018-11922?

Yes, a fix for CVE-2018-11922 can typically be applied through updates to the Touch Pal application or firmware updates released by the device manufacturer.

Vulnerability/
CVE-2018-11922

critical

9.8

CWE

3/12/2018

26/11/2024

9/1/2025

CVE-2018-11922: Configurations in Android Build

First published: Mon Dec 03 2018(Updated: )

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
All of
Qualcomm MDM9206
Qualcomm MDM9206 firmware
All of
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
All of
Qualcomm MDM9640 Firmware
Qualcomm MDM9640 Firmware
All of
Qualcomm MDM9650
Qualcomm MDM9650 firmware
All of
Qualcomm PM215 Firmware
Qualcomm 215 Firmware
All of
Qualcomm SD210 Firmware
Qualcomm SD 210 Firmware
All of
Qualcomm SD 212
Qualcomm SD 212 Firmware
All of
Qualcomm 205 Firmware
Qualcomm SD205 Firmware
All of
Qualcomm SDR425 Firmware
Qualcomm Snapdragon 425
All of
Qualcomm SD427 Firmware
Qualcomm SD 427 firmware
All of
Qualcomm SD 430 Firmware
Qualcomm SD 430 Firmware
All of
qualcomm sd435 firmware
Qualcomm Snapdragon 435
All of
qualcomm SDM439 firmware
Qualcomm PM439
All of
Qualcomm SDA429W Firmware
Qualcomm SD 429 Firmware
All of
Qualcomm SDM450 Firmware
Qualcomm SDM450
All of
Qualcomm SD 625 Firmware
Qualcomm Snapdragon 625
All of
Qualcomm SD632 Firmware
Qualcomm SD 632 firmware
All of
Qualcomm SDA845 Firmware
Qualcomm SD845
All of
Qualcomm SD850 Firmware
Qualcomm SD850
All of
Qualcomm SDA660
Qualcomm SDA660
All of
Qualcomm SDM439 Firmware
Qualcomm SDM439 Firmware
All of
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What vulnerability does CVE-2018-11922 describe?
CVE-2018-11922 describes a wrong configuration in the Touch Pal application that allows it to collect user behavior data without user awareness.
Which devices are affected by CVE-2018-11922?
CVE-2018-11922 affects devices running specific Qualcomm firmware versions as well as Google Android systems.
What is the potential impact of CVE-2018-11922?
The potential impact of CVE-2018-11922 includes unauthorized collection of user data, leading to privacy concerns and misuse of personal information.
How can I check if my device is vulnerable to CVE-2018-11922?
To check if your device is vulnerable to CVE-2018-11922, verify the configuration of the Touch Pal application and the firmware version of your Qualcomm chip.
Is there a fix available for CVE-2018-11922?
Yes, a fix for CVE-2018-11922 can typically be applied through updates to the Touch Pal application or firmware updates released by the device manufacturer.