7.8

CVE-2020-11181

Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Data is provided by the National Vulnerability Database (NVD)
QualcommPm3003a Firmware Version-
   QualcommPm3003a Version-
QualcommPm8009 Firmware Version-
   QualcommPm8009 Version-
QualcommPm8150a Firmware Version-
   QualcommPm8150a Version-
QualcommPm8150b Firmware Version-
   QualcommPm8150b Version-
QualcommPm8150c Firmware Version-
   QualcommPm8150c Version-
QualcommPm8150l Firmware Version-
   QualcommPm8150l Version-
QualcommPm8250 Firmware Version-
   QualcommPm8250 Version-
QualcommPmk8002 Firmware Version-
   QualcommPmk8002 Version-
QualcommPmr525 Firmware Version-
   QualcommPmr525 Version-
QualcommPmx55 Firmware Version-
   QualcommPmx55 Version-
QualcommQbt2000 Firmware Version-
   QualcommQbt2000 Version-
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQca6391 Firmware Version-
   QualcommQca6391 Version-
QualcommQca6421 Firmware Version-
   QualcommQca6421 Version-
QualcommQca6426 Firmware Version-
   QualcommQca6426 Version-
QualcommQca6431 Firmware Version-
   QualcommQca6431 Version-
QualcommQca6436 Firmware Version-
   QualcommQca6436 Version-
QualcommQfs2530 Firmware Version-
   QualcommQfs2530 Version-
QualcommQfs2580 Firmware Version-
   QualcommQfs2580 Version-
QualcommQsm8250 Firmware Version-
   QualcommQsm8250 Version-
QualcommQtc800h Firmware Version-
   QualcommQtc800h Version-
QualcommQtc801s Firmware Version-
   QualcommQtc801s Version-
QualcommSd865 5g Firmware Version-
   QualcommSd865 5g Version-
QualcommSdr8250 Firmware Version-
   QualcommSdr8250 Version-
QualcommSdr865 Firmware Version-
   QualcommSdr865 Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSdx55m Firmware Version-
   QualcommSdx55m Version-
QualcommSdxr2 5g Firmware Version-
   QualcommSdxr2 5g Version-
QualcommSmb1355 Firmware Version-
   QualcommSmb1355 Version-
QualcommSmb1390 Firmware Version-
   QualcommSmb1390 Version-
QualcommSmr525 Firmware Version-
   QualcommSmr525 Version-
QualcommSmr526 Firmware Version-
   QualcommSmr526 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn6750 Firmware Version-
   QualcommWcn6750 Version-
QualcommWcn6850 Firmware Version-
   QualcommWcn6850 Version-
QualcommWcn6851 Firmware Version-
   QualcommWcn6851 Version-
QualcommWsa8810 Firmware Version-
   QualcommWsa8810 Version-
QualcommWsa8815 Firmware Version-
   QualcommWsa8815 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.06
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.