Lucene search

[email protected]CVE-2020-11203

HistoryFeb 22, 2021 - 7:15 a.m.

CVE-2020-11203

2021-02-2207:15:13

CWE-787

[email protected]

web.nvd.nist.gov

cve-2020-11203

stack overflow

gsm

wcdma

broadcast config

snapdragon auto

snapdragon connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon wearables

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Affected configurations

NVD

Node

qualcommapq8009w_firmwareMatch-

AND

qualcommapq8009wMatch-

Node

qualcommapq8064au_firmwareMatch-

AND

qualcommapq8064auMatch-

Node

qualcommapq8096au_firmwareMatch-

AND

qualcommapq8096auMatch-

Node

qualcommaqt1000_firmwareMatch-

AND

qualcommaqt1000Match-

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

Node

qualcommmsm8996au_firmwareMatch-

AND

qualcommmsm8996auMatch-

Node

qualcommpm215_firmwareMatch-

AND

qualcommpm215Match-

Node

qualcommpm456_firmwareMatch-

AND

qualcommpm456Match-

Node

qualcommpm6125_firmwareMatch-

AND

qualcommpm6125Match-

Node

qualcommpm6150_firmwareMatch-

AND

qualcommpm6150Match-

Node

qualcommpm6150a_firmwareMatch-

AND

qualcommpm6150aMatch-

Node

qualcommpm6150l_firmwareMatch-

AND

qualcommpm6150lMatch-

Node

qualcommpm6250_firmwareMatch-

AND

qualcommpm6250Match-

Node

qualcommpm640a_firmwareMatch-

AND

qualcommpm640aMatch-

Node

qualcommpm640l_firmwareMatch-

AND

qualcommpm640lMatch-

Node

qualcommpm640p_firmwareMatch-

AND

qualcommpm640pMatch-

Node

qualcommpm670_firmwareMatch-

AND

qualcommpm670Match-

Node

qualcommpm670l_firmwareMatch-

AND

qualcommpm670lMatch-

Node

qualcommpm8004_firmwareMatch-

AND

qualcommpm8004Match-

Node

qualcommpm8005_firmwareMatch-

AND

qualcommpm8005Match-

Node

qualcommpm8008_firmwareMatch-

AND

qualcommpm8008Match-

Node

qualcommpm8009_firmwareMatch-

AND

qualcommpm8009Match-

Node

qualcommpm855_firmwareMatch-

AND

qualcommpm855Match-

Node

qualcommpm855b_firmwareMatch-

AND

qualcommpm855bMatch-

Node

qualcommpm855l_firmwareMatch-

AND

qualcommpm855lMatch-

Node

qualcommpm855p_firmwareMatch-

AND

qualcommpm855pMatch-

Node

qualcommpm8916_firmwareMatch-

AND

qualcommpm8916Match-

Node

qualcommpm8998_firmwareMatch-

AND

qualcommpm8998Match-

Node

qualcommpmi632_firmwareMatch-

AND

qualcommpmi632Match-

Node

qualcommpmi8998_firmwareMatch-

AND

qualcommpmi8998Match-

Node

qualcommpmk8002_firmwareMatch-

AND

qualcommpmk8002Match-

Node

qualcommpmm6155au_firmwareMatch-

AND

qualcommpmm6155auMatch-

Node

qualcommpmm8155au_firmwareMatch-

AND

qualcommpmm8155auMatch-

Node

qualcommpmm8195au_firmwareMatch-

AND

qualcommpmm8195auMatch-

Node

qualcommpmm855au_firmwareMatch-

AND

qualcommpmm855auMatch-

Node

qualcommpmm8996au_firmwareMatch-

AND

qualcommpmm8996auMatch-

Node

qualcommpmr735a_firmwareMatch-

AND

qualcommpmr735aMatch-

Node

qualcommpmw3100_firmwareMatch-

AND

qualcommpmw3100Match-

Node

qualcommpmx50_firmwareMatch-

AND

qualcommpmx50Match-

Node

qualcommpmx55_firmwareMatch-

AND

qualcommpmx55Match-

Node

qualcommqat3518_firmwareMatch-

AND

qualcommqat3518Match-

Node

qualcommqat3519_firmwareMatch-

AND

qualcommqat3519Match-

Node

qualcommqat3522_firmwareMatch-

AND

qualcommqat3522Match-

Node

qualcommqat3550_firmwareMatch-

AND

qualcommqat3550Match-

Node

qualcommqat3555_firmwareMatch-

AND

qualcommqat3555Match-

Node

qualcommqat5515_firmwareMatch-

AND

qualcommqat5515Match-

Node

qualcommqat5516_firmwareMatch-

AND

qualcommqat5516Match-

Node

qualcommqbt1500_firmwareMatch-

AND

qualcommqbt1500Match-

Node

qualcommqbt2000_firmwareMatch-

AND

qualcommqbt2000Match-

Node

qualcommqca6391_firmwareMatch-

AND

qualcommqca6391Match-

Node

qualcommqca6420_firmwareMatch-

AND

qualcommqca6420Match-

Node

qualcommqca6430_firmwareMatch-

AND

qualcommqca6430Match-

Node

qualcommqca6564_firmwareMatch-

AND

qualcommqca6564Match-

Node

qualcommqca6564a_firmwareMatch-

AND

qualcommqca6564aMatch-

Node

qualcommqca6564au_firmwareMatch-

AND

qualcommqca6564auMatch-

Node

qualcommqca6574_firmwareMatch-

AND

qualcommqca6574Match-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6595_firmwareMatch-

AND

qualcommqca6595Match-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommqca8337_firmwareMatch-

AND

qualcommqca8337Match-

Node

qualcommqcs605_firmwareMatch-

AND

qualcommqcs605Match-

Node

qualcommqdm2301_firmwareMatch-

AND

qualcommqdm2301Match-

Node

qualcommqdm2302_firmwareMatch-

AND

qualcommqdm2302Match-

Node

qualcommqet4101_firmwareMatch-

AND

qualcommqet4101Match-

Node

qualcommqet5100_firmwareMatch-

AND

qualcommqet5100Match-

Node

qualcommqpa4360_firmwareMatch-

AND

qualcommqpa4360Match-

Node

qualcommqpa4361_firmwareMatch-

AND

qualcommqpa4361Match-

Node

qualcommqpa5460_firmwareMatch-

AND

qualcommqpa5460Match-

Node

qualcommqpa6560_firmwareMatch-

AND

qualcommqpa6560Match-

Node

qualcommqsw6310_firmwareMatch-

AND

qualcommqsw6310Match-

Node

qualcommqsw8573_firmwareMatch-

AND

qualcommqsw8573Match-

Node

qualcommqsw8574_firmwareMatch-

AND

qualcommqsw8574Match-

Node

qualcommqtc410s_firmwareMatch-

AND

qualcommqtc410sMatch-

Node

qualcommqtc800h_firmwareMatch-

AND

qualcommqtc800hMatch-

Node

qualcommqtc800s_firmwareMatch-

AND

qualcommqtc800sMatch-

Node

qualcommqtc801s_firmwareMatch-

AND

qualcommqtc801sMatch-

Node

qualcommqtm525_firmwareMatch-

AND

qualcommqtm525Match-

Node

qualcommqtm527_firmwareMatch-

AND

qualcommqtm527Match-

Node

qualcommqualcomm215_firmwareMatch-

AND

qualcommqualcomm215Match-

Node

qualcommrgr7640au_firmwareMatch-

AND

qualcommrgr7640auMatch-

Node

qualcommsa6145p_firmwareMatch-

AND

qualcommsa6145pMatch-

Node

qualcommsa6150p_firmwareMatch-

AND

qualcommsa6150pMatch-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155_firmwareMatch-

AND

qualcommsa8155Match-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsd675_firmwareMatch-

AND

qualcommsd675Match-

Node

qualcommsd429_firmwareMatch-

AND

qualcommsd429Match-

Node

qualcommsd665_firmwareMatch-

AND

qualcommsd665Match-

Node

qualcommsd675_firmwareMatch-

AND

qualcommsd675Match-

Node

qualcommsd720g_firmwareMatch-

AND

qualcommsd720gMatch-

Node

qualcommsd730_firmwareMatch-

AND

qualcommsd730Match-

Node

qualcommsd855_firmwareMatch-

AND

qualcommsd855Match-

Node

qualcommsda429w_firmwareMatch-

AND

qualcommsda429wMatch-

Node

qualcommsdm429w_firmwareMatch-

AND

qualcommsdm429wMatch-

Node

qualcommsdm830_firmwareMatch-

AND

qualcommsdm830Match-

Node

qualcommsdr051_firmwareMatch-

AND

qualcommsdr051Match-

Node

qualcommsdr052_firmwareMatch-

AND

qualcommsdr052Match-

Node

qualcommsdr660_firmwareMatch-

AND

qualcommsdr660Match-

Node

qualcommsdr660g_firmwareMatch-

AND

qualcommsdr660gMatch-

Node

qualcommsdr675_firmwareMatch-

AND

qualcommsdr675Match-

Node

qualcommsdr8150_firmwareMatch-

AND

qualcommsdr8150Match-

Node

qualcommsdr865_firmwareMatch-

AND

qualcommsdr865Match-

Node

qualcommsdw3100_firmwareMatch-

AND

qualcommsdw3100Match-

Node

qualcommsdx50m_firmwareMatch-

AND

qualcommsdx50mMatch-

Node

qualcommsdx55_firmwareMatch-

AND

qualcommsdx55Match-

Node

qualcommsdx55m_firmwareMatch-

AND

qualcommsdx55mMatch-

Node

qualcommsm6250_firmwareMatch-

AND

qualcommsm6250Match-

Node

qualcommsmb1355_firmwareMatch-

AND

qualcommsmb1355Match-

Node

qualcommsmb1381_firmwareMatch-

AND

qualcommsmb1381Match-

Node

qualcommsmb1390_firmwareMatch-

AND

qualcommsmb1390Match-

Node

qualcommsmb231_firmwareMatch-

AND

qualcommsmb231Match-

Node

qualcommsmr526_firmwareMatch-

AND

qualcommsmr526Match-

Node

qualcommwcd9326_firmwareMatch-

AND

qualcommwcd9326Match-

Node

qualcommwcd9340_firmwareMatch-

AND

qualcommwcd9340Match-

Node

qualcommwcd9341_firmwareMatch-

AND

qualcommwcd9341Match-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3615_firmwareMatch-

AND

qualcommwcn3615Match-

Node

qualcommwcn3620_firmwareMatch-

AND

qualcommwcn3620Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680_firmwareMatch-

AND

qualcommwcn3680Match-

Node

qualcommwcn3950_firmwareMatch-

AND

qualcommwcn3950Match-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3988_firmwareMatch-

AND

qualcommwcn3988Match-

Node

qualcommwcn3990_firmwareMatch-

AND

qualcommwcn3990Match-

Node

qualcommwcn3991_firmwareMatch-

AND

qualcommwcn3991Match-

Node

qualcommwcn3998_firmwareMatch-

AND

qualcommwcn3998Match-

Node

qualcommwcn6750_firmwareMatch-

AND

qualcommwcn6750Match-

Node

qualcommwcn6850_firmwareMatch-

AND

qualcommwcn6850Match-

Node

qualcommwcn6851_firmwareMatch-

AND

qualcommwcn6851Match-

Node

qualcommwgr7640_firmwareMatch-

AND

qualcommwgr7640Match-

Node

qualcommwsa8810_firmwareMatch-

AND

qualcommwsa8810Match-

Node

qualcommwsa8815_firmwareMatch-

AND

qualcommwsa8815Match-

Node

qualcommwtr2955_firmwareMatch-

AND

qualcommwtr2955Match-

Node

qualcommwtr2965_firmwareMatch-

AND

qualcommwtr2965Match-

Node

qualcommwtr3925_firmwareMatch-

AND

qualcommwtr3925Match-

Node

qualcommwtr4905_firmwareMatch-

AND

qualcommwtr4905Match-

Node

qualcommwtr5975_firmwareMatch-

AND

qualcommwtr5975Match-

CPENameOperatorVersion
qualcomm:apq8009w_firmwarequalcomm apq8009w firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009w_firmware	qualcomm apq8009w firmware	eq	-

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009W, APQ8064AU, APQ8096AU, AQT1000, MSM8909W, MSM8996AU, PM215, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM670, PM670L, PM8004, PM8005, PM8008, PM8009, PM855, PM855B, PM855L, PM855P, PM8916, PM8998, PMI632, PMI8998, PMK8002, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMR735A, PMW3100, PMX50, PMX55, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QBT1500, QBT2000, QCA6391, QCA6420, QCA6430, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8337, QCS605, QDM2301, QDM2302, QET4101, QET5100, QPA4360, QPA4361, QPA5460, QPA6560, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC801S, QTM525, QTM527, Qualcomm215, RGR7640AU, SA6145P, SA6150P, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD429, SD665, SD675, SD720G, SD730, SD855, SDA429W, SDM429W, SDM830, SDR051, SDR052, SDR660, SDR660G, SDR675, SDR8150, SDR865, SDW3100, SDX50M, SDX55, SDX55M, SM6250, SMB1355, SMB1381, SMB1390, SMB231, ...[truncated*]"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Social References

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2020-11203

cvelist1 nvd1 prion1