{"vulnerability": "CVE-2020-1122", "sightings": [{"uuid": "f7e35fb9-a676-4229-9353-f968c67e8300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11227", "type": "seen", "source": "https://t.me/cKure/4155", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a Remote Code Execution flaw in the Android System component.\n\n5 out of 27 issues were rated as critical (CVE-2020-11192, CVE-2020-11204, CVE-2020-11218, CVE-2020-11227, CVE-2020-11228) and affect Qualcomm's closed-source components.\n\nhttps://source.android.com/security/bulletin/2021-03-01", "creation_timestamp": "2021-03-03T04:59:01.000000Z"}, {"uuid": "38317c35-94e4-46ec-a2e0-61e5251b5fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11226", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115926387351405846", "content": "", "creation_timestamp": "2026-01-20T08:05:00.295633Z"}, {"uuid": "e3fb4448-baf1-46cb-b4eb-c3b29d300dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11228", "type": "seen", "source": "https://t.me/cKure/4155", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a Remote Code Execution flaw in the Android System component.\n\n5 out of 27 issues were rated as critical (CVE-2020-11192, CVE-2020-11204, CVE-2020-11218, CVE-2020-11227, CVE-2020-11228) and affect Qualcomm's closed-source components.\n\nhttps://source.android.com/security/bulletin/2021-03-01", "creation_timestamp": "2021-03-03T04:59:01.000000Z"}, {"uuid": "2e4cb568-1f77-464e-846b-a6c3fa32ccaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11223", "type": "seen", "source": "https://t.me/cibsecurity/23905", "content": "\u203c CVE-2020-11223 \u203c\n\nOut of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-22T12:28:07.000000Z"}, {"uuid": "352e9fcf-79a3-4042-8ecb-3e05661b1ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11221", "type": "seen", "source": "https://t.me/cibsecurity/25003", "content": "\u203c CVE-2020-11221 \u203c\n\nUsage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:31:06.000000Z"}, {"uuid": "6d6d150b-d5ab-4081-a7ab-d9a6a654f0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11227", "type": "seen", "source": "https://t.me/cibsecurity/24999", "content": "\u203c CVE-2020-11227 \u203c\n\nOut of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:31:00.000000Z"}, {"uuid": "2eb950d6-d258-4294-871f-b7fc8be387bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11228", "type": "seen", "source": "https://t.me/cibsecurity/24998", "content": "\u203c CVE-2020-11228 \u203c\n\nPart of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:30:59.000000Z"}, {"uuid": "8e2d30b1-68f1-4ad1-b090-b70b5767af2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11222", "type": "seen", "source": "https://t.me/cibsecurity/24985", "content": "\u203c CVE-2020-11222 \u203c\n\nBuffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:30:42.000000Z"}, {"uuid": "c7f41c57-d1c9-4017-8fc6-989300404c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11220", "type": "seen", "source": "https://t.me/cibsecurity/24989", "content": "\u203c CVE-2020-11220 \u203c\n\nWhile processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:30:45.000000Z"}, {"uuid": "1f892ec9-665a-41d2-9cbb-13054958536b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11226", "type": "seen", "source": "https://t.me/cibsecurity/24993", "content": "\u203c CVE-2020-11226 \u203c\n\nOut of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-17T11:30:52.000000Z"}]}