Lucene search

[email protected]CVE-2020-11187

HistoryFeb 22, 2021 - 7:15 a.m.

CVE-2020-11187

2021-02-2207:15:00

CWE-129

[email protected]

web.nvd.nist.gov

cve

2020

11187

memory corruption

bsi module

parameter count validation

snapdragon auto

snapdragon connectivity

snapdragon mobile

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

CPENameOperatorVersion
qualcomm:aqt1000_firmwarequalcomm aqt1000 firmwareeq-
qualcomm:csrb31024_firmwarequalcomm csrb31024 firmwareeq-
qualcomm:pm7150a_firmwarequalcomm pm7150a firmwareeq-
qualcomm:pm7150l_firmwarequalcomm pm7150l firmwareeq-
qualcomm:pm7250_firmwarequalcomm pm7250 firmwareeq-
qualcomm:pm7250b_firmwarequalcomm pm7250b firmwareeq-
qualcomm:pm8004_firmwarequalcomm pm8004 firmwareeq-
qualcomm:pm8008_firmwarequalcomm pm8008 firmwareeq-
qualcomm:pm855_firmwarequalcomm pm855 firmwareeq-
qualcomm:pm855b_firmwarequalcomm pm855b firmwareeq-

CPE	Name	Operator	Version
qualcomm:aqt1000_firmware	qualcomm aqt1000 firmware	eq	-
qualcomm:csrb31024_firmware	qualcomm csrb31024 firmware	eq	-
qualcomm:pm7150a_firmware	qualcomm pm7150a firmware	eq	-
qualcomm:pm7150l_firmware	qualcomm pm7150l firmware	eq	-
qualcomm:pm7250_firmware	qualcomm pm7250 firmware	eq	-
qualcomm:pm7250b_firmware	qualcomm pm7250b firmware	eq	-
qualcomm:pm8004_firmware	qualcomm pm8004 firmware	eq	-
qualcomm:pm8008_firmware	qualcomm pm8008 firmware	eq	-
qualcomm:pm855_firmware	qualcomm pm855 firmware	eq	-
qualcomm:pm855b_firmware	qualcomm pm855b firmware	eq	-

Rows per page:

1-10 of 981

References

www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Social References

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

Related for CVE-2020-11187

prion1