app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory locations within bootloader memory.
Conclusion & alert: CVE-2013-2598 is rated Low Risk (34.4/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.31%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.05% | 0.31% | +0.26% |
| 2 | 2025-03-30 | 0.07% | 0.05% | -0.02% |
| 3 | 2025-03-29 | — | 0.07% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.6 | 2.0 | MEDIUM |
|
3.9 | 9.2 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| codeaurora | android-msm | 2.6.29 | cpe:2.3:o:codeaurora:android-msm:2.6.29:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.54 | cpe:2.3:o:codeaurora:android-msm:3.2.54:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.55 | cpe:2.3:o:codeaurora:android-msm:3.2.55:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.56 | cpe:2.3:o:codeaurora:android-msm:3.2.56:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.57 | cpe:2.3:o:codeaurora:android-msm:3.2.57:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.58 | cpe:2.3:o:codeaurora:android-msm:3.2.58:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.59 | cpe:2.3:o:codeaurora:android-msm:3.2.59:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.60 | cpe:2.3:o:codeaurora:android-msm:3.2.60:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.61 | cpe:2.3:o:codeaurora:android-msm:3.2.61:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.2.62 | cpe:2.3:o:codeaurora:android-msm:3.2.62:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.72 | cpe:2.3:o:codeaurora:android-msm:3.4.72:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.73 | cpe:2.3:o:codeaurora:android-msm:3.4.73:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.74 | cpe:2.3:o:codeaurora:android-msm:3.4.74:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.75 | cpe:2.3:o:codeaurora:android-msm:3.4.75:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.76 | cpe:2.3:o:codeaurora:android-msm:3.4.76:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.77 | cpe:2.3:o:codeaurora:android-msm:3.4.77:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.78 | cpe:2.3:o:codeaurora:android-msm:3.4.78:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.79 | cpe:2.3:o:codeaurora:android-msm:3.4.79:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.80 | cpe:2.3:o:codeaurora:android-msm:3.4.80:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.81 | cpe:2.3:o:codeaurora:android-msm:3.4.81:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.82 | cpe:2.3:o:codeaurora:android-msm:3.4.82:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.83 | cpe:2.3:o:codeaurora:android-msm:3.4.83:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.84 | cpe:2.3:o:codeaurora:android-msm:3.4.84:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.85 | cpe:2.3:o:codeaurora:android-msm:3.4.85:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.86 | cpe:2.3:o:codeaurora:android-msm:3.4.86:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.87 | cpe:2.3:o:codeaurora:android-msm:3.4.87:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.88 | cpe:2.3:o:codeaurora:android-msm:3.4.88:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.89 | cpe:2.3:o:codeaurora:android-msm:3.4.89:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.90 | cpe:2.3:o:codeaurora:android-msm:3.4.90:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.91 | cpe:2.3:o:codeaurora:android-msm:3.4.91:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.92 | cpe:2.3:o:codeaurora:android-msm:3.4.92:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.93 | cpe:2.3:o:codeaurora:android-msm:3.4.93:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.94 | cpe:2.3:o:codeaurora:android-msm:3.4.94:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.95 | cpe:2.3:o:codeaurora:android-msm:3.4.95:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.96 | cpe:2.3:o:codeaurora:android-msm:3.4.96:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.97 | cpe:2.3:o:codeaurora:android-msm:3.4.97:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.98 | cpe:2.3:o:codeaurora:android-msm:3.4.98:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.99 | cpe:2.3:o:codeaurora:android-msm:3.4.99:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.100 | cpe:2.3:o:codeaurora:android-msm:3.4.100:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.101 | cpe:2.3:o:codeaurora:android-msm:3.4.101:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.102 | cpe:2.3:o:codeaurora:android-msm:3.4.102:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.4.103 | cpe:2.3:o:codeaurora:android-msm:3.4.103:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10 | cpe:2.3:o:codeaurora:android-msm:3.10:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.22 | cpe:2.3:o:codeaurora:android-msm:3.10.22:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.23 | cpe:2.3:o:codeaurora:android-msm:3.10.23:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.24 | cpe:2.3:o:codeaurora:android-msm:3.10.24:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.25 | cpe:2.3:o:codeaurora:android-msm:3.10.25:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.26 | cpe:2.3:o:codeaurora:android-msm:3.10.26:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.27 | cpe:2.3:o:codeaurora:android-msm:3.10.27:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.28 | cpe:2.3:o:codeaurora:android-msm:3.10.28:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.29 | cpe:2.3:o:codeaurora:android-msm:3.10.29:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.30 | cpe:2.3:o:codeaurora:android-msm:3.10.30:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.31 | cpe:2.3:o:codeaurora:android-msm:3.10.31:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.32 | cpe:2.3:o:codeaurora:android-msm:3.10.32:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.33 | cpe:2.3:o:codeaurora:android-msm:3.10.33:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.35 | cpe:2.3:o:codeaurora:android-msm:3.10.35:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.36 | cpe:2.3:o:codeaurora:android-msm:3.10.36:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.37 | cpe:2.3:o:codeaurora:android-msm:3.10.37:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.38 | cpe:2.3:o:codeaurora:android-msm:3.10.38:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.39 | cpe:2.3:o:codeaurora:android-msm:3.10.39:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.40 | cpe:2.3:o:codeaurora:android-msm:3.10.40:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.41 | cpe:2.3:o:codeaurora:android-msm:3.10.41:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.42 | cpe:2.3:o:codeaurora:android-msm:3.10.42:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.43 | cpe:2.3:o:codeaurora:android-msm:3.10.43:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.44 | cpe:2.3:o:codeaurora:android-msm:3.10.44:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.45 | cpe:2.3:o:codeaurora:android-msm:3.10.45:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.46 | cpe:2.3:o:codeaurora:android-msm:3.10.46:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.47 | cpe:2.3:o:codeaurora:android-msm:3.10.47:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.48 | cpe:2.3:o:codeaurora:android-msm:3.10.48:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.49 | cpe:2.3:o:codeaurora:android-msm:3.10.49:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.50 | cpe:2.3:o:codeaurora:android-msm:3.10.50:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.51 | cpe:2.3:o:codeaurora:android-msm:3.10.51:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.52 | cpe:2.3:o:codeaurora:android-msm:3.10.52:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.10.53 | cpe:2.3:o:codeaurora:android-msm:3.10.53:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.3 | cpe:2.3:o:codeaurora:android-msm:3.12.3:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.4 | cpe:2.3:o:codeaurora:android-msm:3.12.4:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.5 | cpe:2.3:o:codeaurora:android-msm:3.12.5:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.6 | cpe:2.3:o:codeaurora:android-msm:3.12.6:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.7 | cpe:2.3:o:codeaurora:android-msm:3.12.7:*:*:*:*:*:*:* |
| codeaurora | android-msm | 3.12.8 | cpe:2.3:o:codeaurora:android-msm:3.12.8:*:*:*:*:*:*:* |