Lucene search

[email protected]CVE-2020-11130

HistoryNov 12, 2020 - 10:15 a.m.

CVE-2020-11130

2020-11-1210:15:00

CWE-120

[email protected]

web.nvd.nist.gov

cve-2020-11130

buffer overflow

wifi hal process

snapdragon auto

snapdragon compute

snapdragon industrial iot

snapdragon mobile

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.0%

JSON

u’Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

CPENameOperatorVersion
qualcomm:qcm4290_firmwarequalcomm qcm4290 firmwareeq-
qualcomm:qcs4290_firmwarequalcomm qcs4290 firmwareeq-
qualcomm:qm215_firmwarequalcomm qm215 firmwareeq-
qualcomm:qsm8350_firmwarequalcomm qsm8350 firmwareeq-
qualcomm:sa6145p_firmwarequalcomm sa6145p firmwareeq-
qualcomm:sa6155_firmwarequalcomm sa6155 firmwareeq-
qualcomm:sa6155p_firmwarequalcomm sa6155p firmwareeq-
qualcomm:sa8155_firmwarequalcomm sa8155 firmwareeq-
qualcomm:sa8155p_firmwarequalcomm sa8155p firmwareeq-
qualcomm:sc8180x_firmwarequalcomm sc8180x firmwareeq-

CPE	Name	Operator	Version
qualcomm:qcm4290_firmware	qualcomm qcm4290 firmware	eq	-
qualcomm:qcs4290_firmware	qualcomm qcs4290 firmware	eq	-
qualcomm:qm215_firmware	qualcomm qm215 firmware	eq	-
qualcomm:qsm8350_firmware	qualcomm qsm8350 firmware	eq	-
qualcomm:sa6145p_firmware	qualcomm sa6145p firmware	eq	-
qualcomm:sa6155_firmware	qualcomm sa6155 firmware	eq	-
qualcomm:sa6155p_firmware	qualcomm sa6155p firmware	eq	-
qualcomm:sa8155_firmware	qualcomm sa8155 firmware	eq	-
qualcomm:sa8155p_firmware	qualcomm sa8155p firmware	eq	-
qualcomm:sc8180x_firmware	qualcomm sc8180x firmware	eq	-

Rows per page:

1-10 of 311

References

www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.0%

JSON

Related for CVE-2020-11130

cvelist1 prion1 androidsecurity1