CVE-2020-11180

EPSS 0.03%
Veröffentlicht 21.01.2021 10:15:14
Zuletzt bearbeitet 21.11.2024 04:57:07
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Pm3003a Version-

Qualcomm ≫ Pm6150 Version-

Qualcomm ≫ Pm7150a Version-

Qualcomm ≫ Pm7150l Version-

Qualcomm ≫ Pm7250 Version-

Qualcomm ≫ Pm7250b Version-

Qualcomm ≫ Pm8004 Version-

Qualcomm ≫ Pm8008 Version-

Qualcomm ≫ Pm8009 Version-

Qualcomm ≫ Pm8150 Version-

Qualcomm ≫ Pm8150a Version-

Qualcomm ≫ Pm8150b Version-

Qualcomm ≫ Pm8150c Version-

Qualcomm ≫ Pm8150l Version-

Qualcomm ≫ Pm8250 Version-

Qualcomm ≫ Pm855 Version-

Qualcomm ≫ Pm855b Version-

Qualcomm ≫ Pm855l Version-

Qualcomm ≫ Pm855p Version-

Qualcomm ≫ Pmc1000h Version-

Qualcomm ≫ Pmk8002 Version-

Qualcomm ≫ Pmk8003 Version-

Qualcomm ≫ Pmm6155au Version-

Qualcomm ≫ Pmm8155au Version-

Qualcomm ≫ Pmm8195au Version-

Qualcomm ≫ Pmm855au Version-

Qualcomm ≫ Pmr525 Version-

Qualcomm ≫ Pmr735b Version-

Qualcomm ≫ Pmx50 Version-

Qualcomm ≫ Pmx55 Version-

Qualcomm ≫ Qat3516 Version-

Qualcomm ≫ Qat3518 Version-

Qualcomm ≫ Qat3519 Version-

Qualcomm ≫ Qat3555 Version-

Qualcomm ≫ Qat5515 Version-

Qualcomm ≫ Qat5522 Version-

Qualcomm ≫ Qat5533 Version-

Qualcomm ≫ Qbt1500 Version-

Qualcomm ≫ Qbt2000 Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6421 Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca6431 Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca6574 Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qdm2301 Version-

Qualcomm ≫ Qdm2305 Version-

Qualcomm ≫ Qdm3301 Version-

Qualcomm ≫ Qdm5620 Version-

Qualcomm ≫ Qdm5621 Version-

Qualcomm ≫ Qdm5650 Version-

Qualcomm ≫ Qdm5652 Version-

Qualcomm ≫ Qdm5670 Version-

Qualcomm ≫ Qdm5671 Version-

Qualcomm ≫ Qdm5677 Version-

Qualcomm ≫ Qdm5679 Version-

Qualcomm ≫ Qet4101 Version-

Qualcomm ≫ Qet5100 Version-

Qualcomm ≫ Qet6110 Version-

Qualcomm ≫ Qfs2530 Version-

Qualcomm ≫ Qfs2580 Version-

Qualcomm ≫ Qln4642 Version-

Qualcomm ≫ Qln4650 Version-

Qualcomm ≫ Qln5020 Version-

Qualcomm ≫ Qln5030 Version-

Qualcomm ≫ Qln5040 Version-

Qualcomm ≫ Qpa2625 Version-

Qualcomm ≫ Qpa5580 Version-

Qualcomm ≫ Qpa6560 Version-

Qualcomm ≫ Qpa8673 Version-

Qualcomm ≫ Qpa8686 Version-

Qualcomm ≫ Qpa8801 Version-

Qualcomm ≫ Qpa8802 Version-

Qualcomm ≫ Qpa8803 Version-

Qualcomm ≫ Qpa8821 Version-

Qualcomm ≫ Qpa8842 Version-

Qualcomm ≫ Qpm4650 Version-

Qualcomm ≫ Qpm5620 Version-

Qualcomm ≫ Qpm5621 Version-

Qualcomm ≫ Qpm5657 Version-

Qualcomm ≫ Qpm5658 Version-

Qualcomm ≫ Qpm5670 Version-

Qualcomm ≫ Qpm5677 Version-

Qualcomm ≫ Qpm5679 Version-

Qualcomm ≫ Qpm6582 Version-

Qualcomm ≫ Qpm6585 Version-

Qualcomm ≫ Qpm8820 Version-

Qualcomm ≫ Qpm8830 Version-

Qualcomm ≫ Qpm8895 Version-

Qualcomm ≫ Qsm7250 Version-

Qualcomm ≫ Qsm8250 Version-

Qualcomm ≫ Qtc800h Version-

Qualcomm ≫ Qtc801s Version-

Qualcomm ≫ Qtm525 Version-

Qualcomm ≫ Sa6145p Version-

Qualcomm ≫ Sa6150p Version-

Qualcomm ≫ Sa6155 Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155 Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sc8180x+sdx55 Version-

Qualcomm ≫ Sd730 Version-

Qualcomm ≫ Sd765 Version-

Qualcomm ≫ Sd765g Version-

Qualcomm ≫ Sd768g Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sd8655g Version-

Qualcomm ≫ Sd8c Version-

Qualcomm ≫ Sd8cx Version-

Qualcomm ≫ Sdr051 Version-

Qualcomm ≫ Sdr052 Version-

Qualcomm ≫ Sdr660 Version-

Qualcomm ≫ Sdr735 Version-

Qualcomm ≫ Sdr8150 Version-

Qualcomm ≫ Sdr8250 Version-

Qualcomm ≫ Sdr865 Version-

Qualcomm ≫ Sdx50m Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdxr25g Version-

Qualcomm ≫ Sm7250p Version-

Qualcomm ≫ Smb1355 Version-

Qualcomm ≫ Smb1381 Version-

Qualcomm ≫ Smb1390 Version-

Qualcomm ≫ Smb1395 Version-

Qualcomm ≫ Smb2351 Version-

Qualcomm ≫ Smr525 Version-

Qualcomm ≫ Smr526 Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9371 Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3910 Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wcn3991 Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn6750 Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.06

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11180

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11180

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11180

EUVD