What is CVE-2019-2257?

CVE-2019-2257 is a vulnerability related to wrong permissions in configuration file that can lead to unauthorized permission in certain Qualcomm products running Android.

What is the severity of CVE-2019-2257?

CVE-2019-2257 has a severity rating of high.

How can CVE-2019-2257 be fixed?

To fix CVE-2019-2257, it is recommended to follow the instructions provided in the official Android security bulletin and to update the affected Qualcomm products with the latest firmware patches.

CWE-732 is a classification for the vulnerability related to incorrect permissions.

Vulnerability/
CVE-2019-2257

high

7.8

CWE

732

6/5/2019

14/6/2019

26/8/2024

CVE-2019-2257

First published: Mon May 06 2019(Updated: )

Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 855, SDA660, SDM660, SDX20, SDX24

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
Qualcomm MDM9150 firmware
Qualcomm MDM9150 firmware
Qualcomm MD9607 Firmware
Qualcomm MDM9607 firmware
Qualcomm MDM9650
Qualcomm MDM9650 firmware
Qualcomm MSM8909W
Qualcomm Snapdragon 8909
qualcomm MSM8996AU firmware
Qualcomm MSM8996AU Firmware
Qualcomm QCS405 Firmware
Qualcomm QCS405 Firmware
Qualcomm ZZ QCS605 firmware
Qualcomm QCS605 Firmware
Qualcomm SD210 Firmware
Qualcomm SD 210 Firmware
Qualcomm SD 212
Qualcomm SD 212 Firmware
Qualcomm SD205 Firmware
Qualcomm SD205 Firmware
Qualcomm SD615 Firmware
Qualcomm Snapdragon 615
Qualcomm SD 616 Firmware
Qualcomm Snapdragon 616
Qualcomm Snapdragon 415 Firmware
Qualcomm Snapdragon 415
Qualcomm SDM636 Firmware
Qualcomm Snapdragon 636
Qualcomm Snapdragon 712 Firmware
Qualcomm Snapdragon 712
qualcomm sdm710 firmware
Qualcomm Snapdragon 710
Qualcomm SDM670 Firmware
Qualcomm SDM670
Qualcomm SD820 Firmware
Qualcomm SD820 Firmware
Qualcomm SD820A Firmware
Qualcomm SD820A Firmware
Qualcomm SD855 Firmware
Qualcomm SD855 Firmware
Qualcomm SDA660
Qualcomm SDA660
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
Qualcomm SDX20 Firmware
Qualcomm SDX20 Firmware
Qualcomm SDX24
Qualcomm SDX24

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-2257?
CVE-2019-2257 is a vulnerability related to wrong permissions in configuration file that can lead to unauthorized permission in certain Qualcomm products running Android.
Which Qualcomm products are affected by CVE-2019-2257?
CVE-2019-2257 affects Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210, SD 212, SD 205, SD 415, SD 615, SD 616, SD 636, SD 712, SD 710, SD 670, SD 820, SD 820a, SD 855, SDA660, SDM660, SDX20, SDX24 with certain firmware versions.
What is the severity of CVE-2019-2257?
CVE-2019-2257 has a severity rating of high.
How can CVE-2019-2257 be fixed?
To fix CVE-2019-2257, it is recommended to follow the instructions provided in the official Android security bulletin and to update the affected Qualcomm products with the latest firmware patches.
What is CWE-732?
CWE-732 is a classification for the vulnerability related to incorrect permissions.

agent/type
agent/first-publish-date
agent/severity
agent/weakness
agent/references
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
collector/android-source
source/Android
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/google
canonical/android
vendor/qualcomm
canonical/qualcomm mdm9150 firmware
canonical/qualcomm md9607 firmware
canonical/qualcomm mdm9607 firmware
canonical/qualcomm mdm9650
canonical/qualcomm mdm9650 firmware
canonical/qualcomm msm8909w
canonical/qualcomm snapdragon 8909
canonical/qualcomm msm8996au firmware
canonical/qualcomm qcs405 firmware
canonical/qualcomm zz qcs605 firmware
canonical/qualcomm qcs605 firmware
canonical/qualcomm sd210 firmware
canonical/qualcomm sd 210 firmware
canonical/qualcomm sd 212
canonical/qualcomm sd 212 firmware
canonical/qualcomm sd205 firmware
canonical/qualcomm sd615 firmware
canonical/qualcomm snapdragon 615
canonical/qualcomm sd 616 firmware
canonical/qualcomm snapdragon 616
canonical/qualcomm snapdragon 415 firmware
canonical/qualcomm snapdragon 415
canonical/qualcomm sdm636 firmware
canonical/qualcomm snapdragon 636
canonical/qualcomm snapdragon 712 firmware
canonical/qualcomm snapdragon 712
canonical/qualcomm sdm710 firmware
canonical/qualcomm snapdragon 710
canonical/qualcomm sdm670 firmware
canonical/qualcomm sdm670
canonical/qualcomm sd820 firmware
canonical/qualcomm sd820a firmware
canonical/qualcomm sd855 firmware
canonical/qualcomm sda660
canonical/qualcomm sd660 firmware
canonical/qualcomm snapdragon 660
canonical/qualcomm sdx20 firmware
canonical/qualcomm sdx24

CVE-2019-2257

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-2257?

Which Qualcomm products are affected by CVE-2019-2257?

What is the severity of CVE-2019-2257?

How can CVE-2019-2257 be fixed?

What is CWE-732?

Company

Resources

Contact