Lucene search

[email protected]CVE-2020-11225

HistoryJan 21, 2021 - 10:15 a.m.

CVE-2020-11225

2021-01-2110:15:00

CWE-120

CWE-787

[email protected]

web.nvd.nist.gov

cve-2020-11225

wlan driver

array length validation

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer electronics connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon voice & music

snapdragon wired infrastructure

networking

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.6%

JSON

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CPENameOperatorVersion
qualcomm:mdm9650qualcomm mdm9650eq-
qualcomm:sdm630qualcomm sdm630eq-
qualcomm:ipq4019qualcomm ipq4019eq-
qualcomm:qca6574auqualcomm qca6574aueq-
qualcomm:qca6584auqualcomm qca6584aueq-
qualcomm:apq8096auqualcomm apq8096aueq-
qualcomm:msm8996auqualcomm msm8996aueq-
qualcomm:ipq8064qualcomm ipq8064eq-
qualcomm:qca9980qualcomm qca9980eq-
qualcomm:qca9558qualcomm qca9558eq-

CPE	Name	Operator	Version
qualcomm:mdm9650	qualcomm mdm9650	eq	-
qualcomm:sdm630	qualcomm sdm630	eq	-
qualcomm:ipq4019	qualcomm ipq4019	eq	-
qualcomm:qca6574au	qualcomm qca6574au	eq	-
qualcomm:qca6584au	qualcomm qca6584au	eq	-
qualcomm:apq8096au	qualcomm apq8096au	eq	-
qualcomm:msm8996au	qualcomm msm8996au	eq	-
qualcomm:ipq8064	qualcomm ipq8064	eq	-
qualcomm:qca9980	qualcomm qca9980	eq	-
qualcomm:qca9558	qualcomm qca9558	eq	-

Rows per page:

1-10 of 4051

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.6%

JSON

Related for CVE-2020-11225

prion1 threatpost1