ID
VAR-201804-0324
CVE
CVE-2014-10058
TITLE
plural Qualcomm Run on product Android Vulnerabilities related to authorization, permissions, and access control
Trust: 0.8
DESCRIPTION
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, unauthorized users can potentially modify system time. plural Qualcomm Run on product Android Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Google Android is prone to multiple unspecified security vulnerabilities. Little is known about these issues or its effects at this time. We will update this BID as more information emerges. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). are the central processing unit (CPU) products of Qualcomm (Qualcomm). A security vulnerability exists in Qualcomm closed-source components in Android versions prior to 2018-04-05. An attacker could exploit this vulnerability to change the system time
Trust: 2.07
AFFECTED PRODUCTS
| vendor: | qualcomm | model: | sd 212 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 205 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 625 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 400 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 435 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 430 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 617 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 425 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 427 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 450 | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | qualcomm | model: | sd 845 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 650 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 800 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 652 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 210 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | qualcomm | model: | sd 205 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 210 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 212 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 400 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 425 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 427 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 430 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 435 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 450 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 617 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 625 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 650 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 652 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 800 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | qualcomm | model: | sd 845 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | model: | pixel xl | scope: | eq | version: | 0 | Trust: 0.3 | |
| vendor: | model: | pixel c | scope: | eq | version: | 0 | Trust: 0.3 | |
| vendor: | model: | pixel xl | scope: | eq | version: | 20 | Trust: 0.3 | |
| vendor: | model: | pixel | scope: | eq | version: | 20 | Trust: 0.3 | |
| vendor: | model: | pixel | scope: | eq | version: | 0 | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 9 | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 7 | Trust: 0.3 | |
| vendor: | model: | nexus 6p | scope: | - | version: | - | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 6 | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 5x | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 5 | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 4 | Trust: 0.3 | |
| vendor: | model: | nexus | scope: | eq | version: | 10 | Trust: 0.3 | |
| vendor: | model: | android | scope: | eq | version: | 0 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-264 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
permissions and access control
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Android のセキュリティに関する公開情報 - 2018 年 4 月 | url: | https://source.android.com/security/bulletin/2018-04-01 | Trust: 0.8 |
| title: | Android Qualcomm Repair measures for closed source component security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81352 | Trust: 0.6 |
| title: | Android Security Bulletins: Android Security Bulletin—April 2018 | url: | https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=068d787c35ce8cea494780f9a47b5827 | Trust: 0.1 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-10058 | Trust: 2.9 |
| db: | BID | id: | 103671 | Trust: 1.5 |
| db: | JVNDB | id: | JVNDB-2018-003795 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201804-1056 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-68599 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2014-10058 | Trust: 0.1 |
REFERENCES
| url: | https://source.android.com/security/bulletin/2018-04-01 | Trust: 2.1 |
| url: | http://www.securityfocus.com/bid/103671 | Trust: 1.3 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-10058 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-10058 | Trust: 0.8 |
| url: | http://code.google.com/android/ | Trust: 0.3 |
| url: | https://cwe.mitre.org/data/definitions/264.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://source.android.com/security/bulletin/2018-04-01.html | Trust: 0.1 |
CREDITS
The vendor reported these issues.
Trust: 0.3
SOURCES
| db: | VULHUB | id: | VHN-68599 |
| db: | VULMON | id: | CVE-2014-10058 |
| db: | BID | id: | 103671 |
| db: | JVNDB | id: | JVNDB-2018-003795 |
| db: | CNNVD | id: | CNNVD-201804-1056 |
| db: | NVD | id: | CVE-2014-10058 |
LAST UPDATE DATE
2024-11-23T21:39:17.273000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-68599 | date: | 2018-05-09T00:00:00 |
| db: | VULMON | id: | CVE-2014-10058 | date: | 2018-05-09T00:00:00 |
| db: | BID | id: | 103671 | date: | 2018-04-05T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-003795 | date: | 2018-06-05T00:00:00 |
| db: | CNNVD | id: | CNNVD-201804-1056 | date: | 2018-05-18T00:00:00 |
| db: | NVD | id: | CVE-2014-10058 | date: | 2024-11-21T02:03:25.743 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-68599 | date: | 2018-04-18T00:00:00 |
| db: | VULMON | id: | CVE-2014-10058 | date: | 2018-04-18T00:00:00 |
| db: | BID | id: | 103671 | date: | 2018-04-05T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-003795 | date: | 2018-06-05T00:00:00 |
| db: | CNNVD | id: | CNNVD-201804-1056 | date: | 2018-04-19T00:00:00 |
| db: | NVD | id: | CVE-2014-10058 | date: | 2018-04-18T14:29:01.120 |