{"vulnerability": "CVE-2020-11261", "sightings": [{"uuid": "4a701088-3160-4573-8c57-16f83da51d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "e5d15ed5-bdf7-4bb6-8388-5bd07b4cf7bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971180", "content": "", "creation_timestamp": "2024-12-24T20:25:27.870277Z"}, {"uuid": "50059b11-b847-4ea5-99d0-0d7befb3afdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4b27ca30-7eea-4e90-9dbc-8049a4959188", "content": "", "creation_timestamp": "2026-02-02T12:28:32.171470Z"}, {"uuid": "b39c2b70-efc2-4667-87ce-44446254512d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:26.000000Z"}, {"uuid": "f6ec372c-b29f-4023-aaee-835678deab4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "https://t.me/cyberbannews_ir/2959", "content": "\ud83d\uded1\u0647\u0634\u062f\u0627\u0631 \u06af\u0648\u06af\u0644 \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u06a9\u0631\u0648\u0645 \u0648 \u0627\u0646\u062f\u0631\u0648\u06cc\u062f\n\n\u06af\u0648\u06af\u0644 \u062f\u0631 \u0645\u0648\u0631\u062f \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f \u06a9\u0647 \u0628\u0631 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u0646\u062f\u0631\u0648\u06cc\u062f\u06cc \u0628\u0627 \u0686\u06cc\u067e\u200c\u0633\u062a\u200c\u0647\u0627\u06cc \u06a9\u0648\u0627\u0644\u06a9\u0627\u0645 (Qualcomm) \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u06a9\u0647 \u0628\u0647\u200c\u0648\u0633\u06cc\u0644\u0647 \u0647\u06a9\u0631\u0647\u0627 \u0628\u0631\u0627\u06cc \u062d\u0645\u0644\u0627\u062a \u0647\u062f\u0641\u0645\u0646\u062f \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f. \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u00abCVE-2020-11261 (CVSS Grade 8.4)\u00bb \u06cc\u06a9 \u0645\u0634\u06a9\u0644 \u0627\u0639\u062a\u0628\u0627\u0631 \u0648\u0631\u0648\u062f\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u062f\u0631 \u06cc\u06a9 \u0639\u0646\u0635\u0631 \u06af\u0631\u0627\u0641\u06cc\u06a9\u06cc \u06a9\u0648\u0627\u0644\u06a9\u0627\u0645 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0645\u0646\u0627\u0637\u0642 \u062d\u0627\u0641\u0638\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0628\u0631\u0646\u0627\u0645\u0647 \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0628\u0647\u200c\u0648\u0633\u06cc\u0644\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u063a\u0648\u0644 \u062c\u0633\u062a\u062c\u0648 \u062f\u0631 \u0628\u06cc\u0627\u0646\u06cc\u0647\u200c\u0627\u06cc \u062f\u0631 \u0645\u0627\u0647 \u0645\u0627\u0631\u0633 \u0627\u0645\u0633\u0627\u0644 \u06af\u0641\u062a :\n\n\u00ab\u0622\u0645\u0627\u0631 \u0646\u0634\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 CVE-2020-11261 \u0634\u0627\u06cc\u062f \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u062d\u062f\u0648\u062f \u0648 \u0647\u062f\u0641\u0645\u0646\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0648\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u06a9\u0634\u0641\u060c \u0628\u0647\u200c\u0648\u0633\u06cc\u0644\u0647 \u06a9\u0627\u0631\u06a9\u0646\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a \u0627\u0646\u062f\u0631\u0648\u06cc\u062f \u062f\u0631 \u06af\u0648\u06af\u0644 \u0628\u0647 \u06a9\u0648\u0627\u0644\u06a9\u0627\u0645 \u062f\u0631 \u0645\u0627\u0647 \u0698\u0648\u0626\u06cc\u0647 \u0633\u0627\u0644 \u0642\u0628\u0644 \u06af\u0632\u0627\u0631\u0634 \u0648 \u067e\u0633 \u0627\u0632 \u0622\u0646 \u062f\u0631 \u0645\u0627\u0647 \u0698\u0627\u0646\u0648\u06cc\u0647 \u0633\u0627\u0644 2021 \u0628\u0631\u0637\u0631\u0641 \u0634\u062f.\u00bb\n\n#\u06af\u0648\u06af\u0644_\u06a9\u0631\u0648\u0645\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/3fH62nR\n\n@cyberbannews_ir", "creation_timestamp": "2021-04-05T09:10:44.000000Z"}, {"uuid": "59d5af58-8fd4-4dab-a0e0-5d60fe258c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://t.me/cKure/4487", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 \u26a0\ufe0f A New Android Zero-Day Vulnerability Is Under Active Attack.\n\nGoogle has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an \"improper input validation\" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests.\n#0day #Zeroday \n\nhttps://thehackernews.com/2021/03/warning-new-android-zero-day.html", "creation_timestamp": "2021-03-23T06:29:47.000000Z"}, {"uuid": "c1e1c72c-7218-4687-b558-ae5b89566778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "https://t.me/linkersec/77", "content": "Android Security Bulletin \u2014 January 2021\n\nA fix for an uninitialized memory disclosure in core files, two fixes for speculative execution bugs, and a bunch of fixes for Qualcomm drivers.\n\nA note regarding one of the latter: \"There are indications that CVE-2020-11261 may be under limited, targeted exploitation.\"\n\nhttps://source.android.com/security/bulletin/2021-01-01#kernel-compoents\nhttps://source.android.com/security/bulletin/2021-01-01#qualcomm-components", "creation_timestamp": "2024-09-05T15:20:06.000000Z"}, {"uuid": "63d3ad33-2de5-4f94-b67a-167109e0596c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "Telegram/-fgpYyV7wxqfcKN0SfoGUW3Vze01e7Vz_G2GncKAwUI28w--", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}, {"uuid": "6ef8f562-46c0-449d-a776-b1117c953725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://t.me/true_secator/1547", "content": "\u0411\u0435\u043d \u0425\u043e\u0443\u043a\u0441, \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c Google Project Zero, \u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0432 \u0441\u0432\u043e\u0435\u043c Twitter \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0435\u0441\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-11261 \u0432 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Qualcomm \u0434\u043b\u044f Android \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430, \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0432 \u0435\u0435 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0442, \u043d\u043e \u0441\u0442\u0440\u0430\u043d\u043d\u043e, \u0447\u0442\u043e Google \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439, \u0430 \u0432\u043e\u0442 \u0441\u0430\u043c Qualcomm - \u0441\u0440\u0435\u0434\u043d\u0435\u0439. \u041f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0434\u043b\u044f \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e \u0441\u043d\u0438\u0436\u0435\u043d\u0430.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0436\u0435, \u043a\u0430\u043a \u0432\u0438\u0434\u0438\u043c, \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 - \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0445\u0430\u043a\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0434\u044b\u0440\u043a\u0438.\n\n\u041f\u043e \u044d\u0442\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0441\u043f\u0438\u0441\u043e\u043a \u0447\u0438\u043f\u0441\u0435\u0442\u043e\u0432, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 CVE-2020-11261. \u0414\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0440\u0443\u0447\u043d\u0443\u044e.", "creation_timestamp": "2021-03-23T10:14:49.000000Z"}, {"uuid": "204e7cfa-3c94-4038-be12-2b5d2a84f903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "seen", "source": "https://t.me/arpsyndicate/979", "content": "#ExploitObserverAlert\n\nCVE-2020-11261\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-11261. Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice", "creation_timestamp": "2023-12-03T16:34:34.000000Z"}, {"uuid": "2c1c68b2-7097-45c4-8e34-eca87f422620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://t.me/information_security_channel/43681", "content": "Recently Patched Android Vulnerability Exploited in Attacks\nhttp://feedproxy.google.com/~r/Securityweek/~3/qc3FfvmvJn4/recently-patched-android-vulnerability-exploited-attacks\n\nGoogle has warned Android users that a recently patched vulnerability has been exploited in attacks.\nThe vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates (https://www.securityweek.com/google-releases-january-2021-security-updates-android) released in January 2021.\nread more (https://www.securityweek.com/recently-patched-android-vulnerability-exploited-attacks)", "creation_timestamp": "2021-03-23T15:12:29.000000Z"}, {"uuid": "39b63ad0-4243-4acc-9113-6d5207099ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://t.me/androidMalware/1514", "content": "A Year in Review of 0-days Used In-the-Wild in 2021 by Google\nIn 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:\n - Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)\n - ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)\n - Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)\n\nFor the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:\n - IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)\n - XNU Kernel (CVE-2021-1782 &amp; CVE-2021-30869)\n - CoreGraphics (CVE-2021-30860)\n - CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)\nhttps://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html", "creation_timestamp": "2022-04-27T11:03:23.000000Z"}, {"uuid": "5a23affe-6824-4ed6-ab37-770523a5759f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11261", "type": "exploited", "source": "https://t.me/xakep_ru/10536", "content": "\u0421\u0432\u0435\u0436\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Android \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Google \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2021 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-11261, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0447\u0438\u043f\u0441\u0435\u0442\u044b Qualcomm.\n\nhttps://xakep.ru/2021/03/23/android-bug-under-attack/", "creation_timestamp": "2021-03-23T16:35:11.000000Z"}]}