1. CVE-Search
  2. CVE-2020-11208
ID CVE-2020-11208
Summary Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
References
Vulnerable Configurations
  • cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sda855_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sda855_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sda855:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sda855:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd429:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd429:-:*:*:*:*:*:*:*
  • cpe:2.3:o:qualcomm:sd439_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:qualcomm:sd439_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sd439:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sd439:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 19-10-2022 - 15:43)
Impact:
Exploitability:
CWE CWE-191
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
confirm https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
Last major update 19-10-2022 - 15:43
Published 12-11-2020 - 10:15
Last modified 19-10-2022 - 15:43
Back to Top