Lucene search

K
cve[email protected]CVE-2020-11141
HistoryNov 02, 2020 - 7:15 a.m.

CVE-2020-11141

2020-11-0207:15:00
CWE-20
CWE-125
web.nvd.nist.gov
28
cve-2020-11141
bluetooth estack
buffer over-read
l2cap configuration
snapdragon auto
snapdragon compute
snapdragon connectivity
snapdragon consumer electronics connectivity
snapdragon consumer iot
snapdragon industrial iot
snapdragon mobile
snapdragon voice & music
snapdragon wired infrastructure and networking
apq8009
apq8053
qca6390
qcn7605
sa415m
sa515m
sc8180x
sdx55
sm8250
nvd

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8.1 High

AI Score

Confidence

High

4.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:N/A:P

0.001 Low

EPSS

Percentile

24.5%

u’Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8.1 High

AI Score

Confidence

High

4.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:N/A:P

0.001 Low

EPSS

Percentile

24.5%

Related for CVE-2020-11141