Lucene search

[email protected]CVE-2020-11180

HistoryJan 21, 2021 - 10:15 a.m.

CVE-2020-11180

2021-01-2110:15:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2020-11180

out of bound access

computer vision control

improper validation

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CPENameOperatorVersion
qualcomm:qca6574auqualcomm qca6574aueq-
qualcomm:qca6574qualcomm qca6574eq-
qualcomm:sd855qualcomm sd855eq-
qualcomm:sdx55qualcomm sdx55eq-
qualcomm:sa6155pqualcomm sa6155peq-
qualcomm:qca6390qualcomm qca6390eq-
qualcomm:sa6155qualcomm sa6155eq-
qualcomm:sa8155pqualcomm sa8155peq-
qualcomm:sa6145pqualcomm sa6145peq-
qualcomm:sa6150pqualcomm sa6150peq-

CPE	Name	Operator	Version
qualcomm:qca6574au	qualcomm qca6574au	eq	-
qualcomm:qca6574	qualcomm qca6574	eq	-
qualcomm:sd855	qualcomm sd855	eq	-
qualcomm:sdx55	qualcomm sdx55	eq	-
qualcomm:sa6155p	qualcomm sa6155p	eq	-
qualcomm:qca6390	qualcomm qca6390	eq	-
qualcomm:sa6155	qualcomm sa6155	eq	-
qualcomm:sa8155p	qualcomm sa8155p	eq	-
qualcomm:sa6145p	qualcomm sa6145p	eq	-
qualcomm:sa6150p	qualcomm sa6150p	eq	-

Rows per page:

1-10 of 1581

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Social References

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

Related for CVE-2020-11180

prion1