Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2018-13895 : What You Need to Know

Learn about CVE-2018-13895, an Android Telephony access control vulnerability in Qualcomm products. Find out affected systems, versions, and mitigation steps.

A vulnerability in Qualcomm products could allow unauthorized access to phones through the RCS app.

Understanding CVE-2018-13895

This CVE identifies an improper access control issue in Android Telephony within various Qualcomm products.

What is CVE-2018-13895?

The vulnerability arises from missing permissions on content providers in the RCS app's Android manifest file, enabling unauthorized phone access.

The Impact of CVE-2018-13895

The vulnerability could lead to unauthorized access to phones in a wide range of Qualcomm products across different sectors.

Technical Details of CVE-2018-13895

This section provides more technical insights into the vulnerability.

Vulnerability Description

The absence of necessary permissions on specific content providers in the Android manifest file of the RCS app results in unauthorized phone access in various Qualcomm products.

Affected Systems and Versions

        Affected Products: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
        Affected Versions: MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Exploitation Mechanism

The vulnerability allows unauthorized access to phones by exploiting the Android Telephony system due to missing permissions.

Mitigation and Prevention

Protecting systems from this vulnerability is crucial for maintaining security.

Immediate Steps to Take

        Apply security patches provided by Qualcomm promptly.
        Review and update Android manifest files to ensure proper permissions.

Long-Term Security Practices

        Regularly monitor and update security configurations.
        Conduct security audits to identify and address access control issues.

Patching and Updates

        Stay informed about security bulletins and updates from Qualcomm.
        Implement patches and updates as soon as they are available.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now