CVE-2018-11932

9.1 CRITICAL

📋 TL;DR

Improper input validation in Qualcomm Snapdragon chipsets enables read/write access to secure subsystems from the high-level operating system (HLOS). It affects multiple Snapdragon platforms across automotive, compute, connectivity, mobile, and IoT devices. Attackers could potentially compromise secure system components.

💻 Affected Systems

Products:
  • Snapdragon Auto
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer Electronics Connectivity
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon Mobile
Versions: MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712/SD 710/SD 670, SD 820, SD 820A, SD 835, SD 845/SD 850, SD 8CX, SXR1130
Operating Systems: Android, Linux-based systems using affected chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects hardware/firmware level, not dependent on specific OS configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of secure subsystem allowing extraction of cryptographic keys, secure boot bypass, and persistent device compromise.

🟠 Likely Case: Privilege escalation allowing unauthorized access to protected memory regions and sensitive data.

🟢 If Mitigated: Limited impact with proper input validation and memory protection mechanisms in place.

🌐 Internet-Facing: MEDIUM - Requires local access or malware execution, but could be combined with other exploits.
🏢 Internal Only: HIGH - Direct device access enables exploitation of this hardware-level vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local code execution or physical access. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Vendor-specific firmware updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins

Restart Required: Yes

Instructions:

  1. Check with device manufacturer for firmware updates.
  2. Apply Qualcomm-provided patches.
  3. Reboot device to apply firmware updates.

🔧 Temporary Workarounds

Restrict physical access (platform: all)

Limit physical access to affected devices to prevent local exploitation.

Application sandboxing (platform: linux)

Implement strict application sandboxing to limit potential attack surface.

🧯 If You Can't Patch

  • Isolate affected devices on separate network segments
  • Implement strict access controls and monitoring for devices with vulnerable chipsets

🔍 How to Verify

Check if Vulnerable:

Check device chipset model and firmware version against affected list. Use 'cat /proc/cpuinfo' on Linux systems to identify processor.

Check Version:

cat /proc/cpuinfo | grep -i qualcomm

Verify Fix Applied:

Verify firmware version has been updated to post-patch release. Check with device manufacturer for specific version information.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected secure subsystem access attempts
  • Firmware modification logs
  • Privilege escalation attempts

Network Indicators:

  • Unusual outbound connections from secure subsystems
  • Unexpected firmware update requests

SIEM Query:

search 'secure subsystem access' OR 'firmware modification' from affected device models
