8.1

CVE-2020-11141

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommApq8009 Firmware Version-
   QualcommApq8009 Version-
QualcommApq8053 Firmware Version-
   QualcommApq8053 Version-
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
QualcommSa415m Firmware Version-
   QualcommSa415m Version-
QualcommSa515m Firmware Version-
   QualcommSa515m Version-
QualcommSc8180x Firmware Version-
   QualcommSc8180x Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSm8250 Firmware Version-
   QualcommSm8250 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.192
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.8 5.2
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov 4.8 6.5 4.9
AV:A/AC:L/Au:N/C:P/I:N/A:P
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.