How severe is CVE-2019-10601?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2019-10601?

This is classified as CWE-129, which is a common weakness in software security.

CVE-2019-10601 - HIGH Severity | CVSS 7.8

Vulnerability Description

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150

Related Vulnerabilities

CVE-2014-9948

HIGH

CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.

CWE-1292014

CVE-2016-8815

HIGH

CVSS:7.8(High)

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used withou...

CWE-1292016

CVE-2016-8816

HIGH

CVSS:7.8(High)

CWE-1292016

CVE-2017-0322

HIGH

CVSS:7.8(High)

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a value passed from a user to the driver is not correctly validated and ...

CWE-1292017

CVE-2017-0345

HIGH

CVSS:7.8(High)

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input used as an array size is not co...

CWE-1292017

CVE-2017-0347

HIGH

CVSS:7.8(High)

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not co...

CWE-1292017