8.1

CVE-2020-11156

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in QCA6390, QCN7605, QCS404, SA415M, SA515M, SC8180X, SDX55, SM8250

Data is provided by the National Vulnerability Database (NVD)
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
QualcommQcs404 Firmware Version-
   QualcommQcs404 Version-
QualcommSa415m Firmware Version-
   QualcommSa415m Version-
QualcommSa515m Firmware Version-
   QualcommSa515m Version-
QualcommSc8180x Firmware Version-
   QualcommSc8180x Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSm8250 Firmware Version-
   QualcommSm8250 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.355
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.1 2.8 5.2
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov 4.8 6.5 4.9
AV:A/AC:L/Au:N/C:P/I:N/A:P
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.