{"vulnerability": "CVE-2020-1117", "sightings": [{"uuid": "d9971e32-2cb8-4b40-b5c5-af2d4667edbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11170", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:52.521988Z"}, {"uuid": "5519d9f1-7ccf-498d-9f59-30a0d85ca48e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11171", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:54.197143Z"}, {"uuid": "dc581a7f-184f-475b-a86a-367760b7b41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11177", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:55.382921Z"}, {"uuid": "90f0ff8e-42c0-4e1b-9f16-3ffd456e9ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11178", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:04:57.259380Z"}, {"uuid": "cb7254f0-d551-4f48-8b0c-fc710df6393a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11170", "type": "seen", "source": "https://t.me/cibsecurity/23898", "content": "\u203c CVE-2020-11170 \u203c\n\nOut of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-22T12:28:00.000000Z"}, {"uuid": "3b8cc459-4a53-422c-a10c-47b465e0650d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1117", "type": "seen", "source": "https://t.me/true_secator/563", "content": "Microsoft \u0432\u0447\u0435\u0440\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043c\u0430\u0439\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043b\u0438\u043d\u0435\u0439\u043a\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u041f\u041e, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Windows, Edge, Office, Defender, Visual Studio \u0438 \u043f\u0440.\n\n\u0410\u043f\u0434\u0435\u0439\u0442 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 111 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 16 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0438, \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0432\u043e\u0435\u043c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, \u0442\u0430\u043a\u043e\u0432\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2020-1117, \u0432\u0435\u0441\u044c\u043c\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u0431\u0430\u0433 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 ICM32.dll, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0446\u0432\u0435\u0442\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0437\u0430\u043c\u0430\u043d\u0438\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0441\u0430\u0439\u0442, \u043c\u043e\u0436\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443. \u041a\u0441\u0442\u0430\u0442\u0438, \u044d\u0442\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 FLARE \u043d\u0430\u0448\u0435\u0433\u043e \"\u043b\u044e\u0431\u0438\u043c\u043e\u0433\u043e\" \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0432\u0435\u043d\u0434\u043e\u0440\u0430 FireEye.\n\n\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u043e\u0436\u0438\u0434\u0430\u0435\u043c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u044d\u0442\u043e\u0433\u043e \u043c\u0430\u0441\u0448\u0430\u0431\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043f\u043e \u0434\u0440\u0443\u0433\u043e\u043c\u0443 \u0443 Microsoft \u043d\u0435 \u0431\u044b\u0432\u0430\u0435\u0442.\n\n\u0418 \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043d\u0430\u0434\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u043c\u044b\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436 \u0431\u043e\u043b\u044c\u043d\u043e \u0437\u043b\u044b\u0435.", "creation_timestamp": "2020-05-13T11:02:12.000000Z"}, {"uuid": "ad00a796-2f76-4331-aeee-94e20112acad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11177", "type": "seen", "source": "https://t.me/cibsecurity/23897", "content": "\u203c CVE-2020-11177 \u203c\n\nUser can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-22T12:27:59.000000Z"}, {"uuid": "b34ff3c7-6f59-4ccc-ad23-ffa057237682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11179", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1719", "content": "#Hardware_Security\nAttacking the Qualcomm Adreno GPU (CVE-2020-11179)\nhttps://googleprojectzero.blogspot.com/2020/09/attacking-qualcomm-adreno-gpu.html\n]-> PoC Exploit:\n(ringbuffer corruption & protected mode bypass):\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2052\n]-> An Exploit Chain to Remotely Root Modern Android Devices (.pdf):\nhttps://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices/blob/master/us-20-Gong-TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices-wp.pdf", "creation_timestamp": "2022-06-09T03:39:15.000000Z"}, {"uuid": "ec72bcea-f79a-4c93-a134-632bddce4cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11179", "type": "published-proof-of-concept", "source": "Telegram/z6sAJ7Jd5wwjm16OBPceLokbsR3mcY-jKH0RdeBqhc3W5Q8", "content": "", "creation_timestamp": "2020-09-09T14:27:47.000000Z"}, {"uuid": "1d0001c3-af37-4db9-af2b-0e1ef4e61db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11174", "type": "seen", "source": "https://t.me/cibsecurity/15765", "content": "\u203c CVE-2020-11174 \u203c\n\nu'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-02T12:38:39.000000Z"}]}