CVE-2019-2300

Q: What is the severity of CVE-2019-2300?

CVE-2019-2300 has a CVSS score of 9.8 (CRITICAL). This CVE describes a buffer overflow vulnerability in the WLAN handler of Qualcomm Snapdragon chipsets. Attackers can exploit this by sending specially crafted packets to trigger memory corruption, potentially leading to remote code execution. Affected devices include smartphones, IoT devices, networking equipment, and automotive systems using the listed Snapdragon processors.

9.8 CRITICAL

Remote Code Execution Buffer Overflow

📋 TL;DR

This CVE describes a buffer overflow vulnerability in the WLAN handler of Qualcomm Snapdragon chipsets. Attackers can exploit this by sending specially crafted packets to trigger memory corruption, potentially leading to remote code execution. Affected devices include smartphones, IoT devices, networking equipment, and automotive systems using the listed Snapdragon processors.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer Electronics Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wired Infrastructure and Networking

Versions: Firmware versions using affected chipset drivers (specific versions not publicly detailed)

Operating Systems: Android, Linux-based embedded systems, Automotive OS variants

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in WLAN firmware/drivers; all devices with WLAN enabled are vulnerable. Specific firmware versions depend on OEM implementations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges, allowing complete device compromise, data theft, and persistent backdoor installation.

🟠

Likely Case

Device crash/reboot (denial of service) or limited code execution in WLAN subsystem context.

🟢

If Mitigated

Denial of service only if exploit attempts are blocked by network controls or patched firmware.

🌐 Internet-Facing: HIGH - WLAN interfaces are typically exposed to local networks and can be targeted remotely if WLAN is enabled.

🏢 Internal Only: MEDIUM - Requires proximity or network access, but internal attackers could exploit via local network.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending crafted WLAN packets; no authentication needed if within WLAN range. No public exploit code known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Vendor-specific firmware updates (check OEM advisories)

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through OEM update channels. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable WLAN

all

Turn off wireless networking to prevent exploitation

adb shell svc wifi disable
nmcli radio wifi off
systemctl stop wpa_supplicant

Network segmentation

all

Isolate affected devices on separate VLANs with strict firewall rules

🧯 If You Can't Patch

Segment affected devices on isolated networks with strict firewall rules blocking unnecessary WLAN traffic
Implement network monitoring for anomalous WLAN packets and disable WLAN if not essential

🔍 How to Verify

Check if Vulnerable:

Check device chipset model and firmware version against Qualcomm advisory; devices with listed chipsets are vulnerable unless patched.

Check Version:

adb shell getprop ro.bootloader (Android) or cat /proc/cpuinfo (Linux)

Verify Fix Applied:

Confirm firmware version has been updated post-March 2020 and check with manufacturer for patch confirmation.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
WLAN driver crash messages
System reboots without apparent cause

Network Indicators:

Unusual WLAN packet patterns
Malformed 802.11 frames
Excessive retransmissions

SIEM Query:

source="wlan*" AND (event="crash" OR event="panic" OR event="buffer_overflow")

📊 Metadata

CVE ID: CVE-2019-2300

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-120

Published: March 5, 2020

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009 Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8053 Firmware by Qualcomm

Apq8096 Firmware by Qualcomm

Apq8098 Firmware by Qualcomm

Ipq8074 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9207c Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Msm8996 Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Msm8998 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qca9379 Firmware by Qualcomm

Qca9886 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Sda660 Firmware by Qualcomm

Sda845 Firmware by Qualcomm

Sdm630 Firmware by Qualcomm

Sdm636 Firmware by Qualcomm

Sdm660 Firmware by Qualcomm

Sdm670 Firmware by Qualcomm

Sdm710 Firmware by Qualcomm

Sdm845 Firmware by Qualcomm

Sdm850 Firmware by Qualcomm

Sm6150 Firmware by Qualcomm

Sm7150 Firmware by Qualcomm

Sm8150 Firmware by Qualcomm

Sxr1130 Firmware by Qualcomm