CVE-2016-10473

Q: What is the severity of CVE-2016-10473?

CVE-2016-10473 has a CVSS score of 9.8 (CRITICAL). A buffer overflow vulnerability in Qualcomm Snapdragon chipsets used in Android devices allows attackers to execute arbitrary code or cause denial of service. This affects Android devices with Qualcomm chipsets before the April 2018 security patch. The vulnerability is in supplementary services functionality and has a critical CVSS score of 9.8.

9.8 CRITICAL

📋 TL;DR

A buffer overflow vulnerability in Qualcomm Snapdragon chipsets used in Android devices allows attackers to execute arbitrary code or cause denial of service. This affects Android devices with Qualcomm chipsets before the April 2018 security patch. The vulnerability is in supplementary services functionality and has a critical CVSS score of 9.8.

💻 Affected Systems

Products:

Android devices with Qualcomm Snapdragon chipsets

Versions: Android versions before April 5, 2018 security patch

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Affects specific Qualcomm chipsets: MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Device crash/reboot (denial of service) or limited code execution depending on exploit implementation.

🟢

If Mitigated

No impact if patched; limited impact if network segmentation prevents attacker access.

🌐 Internet-Facing: HIGH - Affects mobile devices that regularly connect to untrusted networks.

🏢 Internal Only: MEDIUM - Could be exploited via internal network attacks or malicious apps.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Buffer overflow in supplementary services suggests potential for remote exploitation, but specific exploit details are not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level April 5, 2018 or later

Vendor Advisory: https://source.android.com/security/bulletin/2018-04-01

Restart Required: Yes

Instructions:

1. Check device security patch level in Settings > About phone > Android security patch level. 2. If before April 2018, install latest available system update. 3. For enterprise devices, push updates via MDM. 4. For custom ROMs, check with ROM maintainer for patches.

🔧 Temporary Workarounds

Network segmentation

all

Restrict device network access to trusted networks only

App restriction

android

Disable installation of apps from unknown sources

🧯 If You Can't Patch

Isolate affected devices on separate network segments
Implement strict application whitelisting and monitoring

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android security patch level. If date is before April 2018, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows April 2018 or later after update installation.

📡 Detection & Monitoring

Log Indicators:

Unexpected device reboots
Supplementary services process crashes
Memory corruption errors in system logs

Network Indicators:

Unusual network traffic to/from mobile devices
Suspicious supplementary services protocol activity

SIEM Query:

source="android_device" AND (event_type="crash" OR event_type="reboot") AND process_name="supplementary_services"

📊 Metadata

CVE ID: CVE-2016-10473

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

Published: April 18, 2018

Last Updated: November 21, 2024

🔗 References

http://www.securityfocus.com/bid/103671 Third Party Advisory,VDB Entry
https://source.android.com/security/bulletin/2018-04-01 Vendor Advisory
http://www.securityfocus.com/bid/103671 Third Party Advisory,VDB Entry
https://source.android.com/security/bulletin/2018-04-01 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Mdm9206 Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Mdm9650 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Sd 205 Firmware by Qualcomm

Sd 210 Firmware by Qualcomm

Sd 212 Firmware by Qualcomm

Sd 400 Firmware by Qualcomm

Sd 410 Firmware by Qualcomm

Sd 412 Firmware by Qualcomm

Sd 415 Firmware by Qualcomm

Sd 425 Firmware by Qualcomm

Sd 430 Firmware by Qualcomm

Sd 450 Firmware by Qualcomm

Sd 600 Firmware by Qualcomm

Sd 615 Firmware by Qualcomm

Sd 616 Firmware by Qualcomm

Sd 617 Firmware by Qualcomm

Sd 625 Firmware by Qualcomm

Sd 650 Firmware by Qualcomm

Sd 652 Firmware by Qualcomm

Sd 800 Firmware by Qualcomm

Sd 808 Firmware by Qualcomm

Sd 810 Firmware by Qualcomm

Sd 820 Firmware by Qualcomm

Sd 835 Firmware by Qualcomm

Sdx20 Firmware by Qualcomm