9.1
CVE-2020-11169
- EPSS 0.29%
- Veröffentlicht 02.11.2020 07:15:13
- Zuletzt bearbeitet 21.11.2024 04:57:01
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Apq8009 Firmware Version-
Qualcomm ≫ Apq8053 Firmware Version-
Qualcomm ≫ Qca6390 Firmware Version-
Qualcomm ≫ Qcn7605 Firmware Version-
Qualcomm ≫ Qcn7606 Firmware Version-
Qualcomm ≫ Sa415m Firmware Version-
Qualcomm ≫ Sa515m Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Sa8155p Firmware Version-
Qualcomm ≫ Sc8180x Firmware Version-
Qualcomm ≫ Sdx55 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.491 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.