Lucene search

[email protected]CVE-2020-11269

HistoryFeb 22, 2021 - 7:15 a.m.

CVE-2020-11269

2021-02-2207:15:00

CWE-190

[email protected]

web.nvd.nist.gov

cve-2020-11269

memory corruption

eapol

key length validation

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer electronics connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon iot

snapdragon mobile

snapdragon voice & music

snapdragon wearables

snapdragon wired infrastructure

networking

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

29.5%

JSON

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CPENameOperatorVersion
qualcomm:apq8009_firmwarequalcomm apq8009 firmwareeq-
qualcomm:apq8009w_firmwarequalcomm apq8009w firmwareeq-
qualcomm:apq8016_firmwarequalcomm apq8016 firmwareeq-
qualcomm:apq8017_firmwarequalcomm apq8017 firmwareeq-
qualcomm:apq8037_firmwarequalcomm apq8037 firmwareeq-
qualcomm:apq8039_firmwarequalcomm apq8039 firmwareeq-
qualcomm:apq8052_firmwarequalcomm apq8052 firmwareeq-
qualcomm:apq8053_firmwarequalcomm apq8053 firmwareeq-
qualcomm:apq8056_firmwarequalcomm apq8056 firmwareeq-
qualcomm:apq8064au_firmwarequalcomm apq8064au firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009_firmware	qualcomm apq8009 firmware	eq	-
qualcomm:apq8009w_firmware	qualcomm apq8009w firmware	eq	-
qualcomm:apq8016_firmware	qualcomm apq8016 firmware	eq	-
qualcomm:apq8017_firmware	qualcomm apq8017 firmware	eq	-
qualcomm:apq8037_firmware	qualcomm apq8037 firmware	eq	-
qualcomm:apq8039_firmware	qualcomm apq8039 firmware	eq	-
qualcomm:apq8052_firmware	qualcomm apq8052 firmware	eq	-
qualcomm:apq8053_firmware	qualcomm apq8053 firmware	eq	-
qualcomm:apq8056_firmware	qualcomm apq8056 firmware	eq	-
qualcomm:apq8064au_firmware	qualcomm apq8064au firmware	eq	-

Rows per page:

1-10 of 5371

References

www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Social References

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

8.3 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

29.5%

JSON

Related for CVE-2020-11269

prion1