CVE-2015-9207

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to read memory beyond allocated buffers in Android devices with specific Qualcomm Snapdragon chipsets. It affects Android devices before the April 2018 security patch level. The buffer overread could lead to information disclosure or potentially remote code execution.

💻 Affected Systems

Products:
  • Android devices with Qualcomm Snapdragon chipsets
Versions: Android versions before April 2018 security patch (2018-04-05)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects Qualcomm Snapdragon Mobile and Snapdragon Wear chipsets: MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete device compromise, data theft, and persistent backdoor installation.

🟠 Likely Case

Information disclosure where attackers can read sensitive memory contents, potentially exposing cryptographic keys or user data.

🟢 If Mitigated

Limited impact with proper memory protections and exploit mitigations in place, potentially just causing application crashes.

🌐 Internet-Facing: MEDIUM - Requires malicious content delivery but could be exploited via web or media content.
🏢 Internal Only: LOW - Primarily affects mobile/wearable devices rather than traditional internal network infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Buffer overread vulnerabilities typically require specific memory manipulation knowledge but don't require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level 2018-04-05 or later

Vendor Advisory: https://source.android.com/security/bulletin/2018-04-01

Restart Required: Yes

Instructions:

1. Check device security patch level in Settings > About phone > Android security patch level.
2. If before April 2018, install latest Android updates.
3. For devices no longer receiving updates, consider replacement.

🔧 Temporary Workarounds

Disable PlayReady DRM

android

Disable or restrict PlayReady DRM functionality that triggers the vulnerable function

🧯 If You Can't Patch

  • Isolate affected devices from untrusted networks and content sources
  • Implement application whitelisting to prevent execution of untrusted media applications

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level in Settings > About phone > Android security patch level. If the date is before 2018-04-05, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify that the security patch level shows a date of 2018-04-05 or later after applying updates.

📡 Detection & Monitoring

Log Indicators:

  • PlayReady DRM-related crashes
  • Memory access violation logs
  • Media framework exceptions

Network Indicators:

  • Unusual media content requests to vulnerable devices
  • Exploit kit traffic patterns

SIEM Query:

source="android_logs" AND ("playready" OR "drm") AND ("crash" OR "exception" OR "violation")
