CVE-2020-11183

EPSS 0.04%
Published 21.01.2021 10:15:14
Last modified 21.11.2024 04:57:07
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8009 Version-

Qualcomm ≫ Apq8009w Version-

Qualcomm ≫ Apq8017 Version-

Qualcomm ≫ Apq8037 Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Ar8151 Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9250 Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Mdm9655 Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Msm8917 Version-

Qualcomm ≫ Msm8920 Version-

Qualcomm ≫ Msm8937 Version-

Qualcomm ≫ Msm8940 Version-

Qualcomm ≫ Msm8953 Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Pm215 Version-

Qualcomm ≫ Pm439 Version-

Qualcomm ≫ Pm660 Version-

Qualcomm ≫ Pm660a Version-

Qualcomm ≫ Pm660l Version-

Qualcomm ≫ Pm8004 Version-

Qualcomm ≫ Pm8005 Version-

Qualcomm ≫ Pm855a Version-

Qualcomm ≫ Pm8909 Version-

Qualcomm ≫ Pm8916 Version-

Qualcomm ≫ Pm8937 Version-

Qualcomm ≫ Pm8940 Version-

Qualcomm ≫ Pm8953 Version-

Qualcomm ≫ Pm8996 Version-

Qualcomm ≫ Pm8998 Version-

Qualcomm ≫ Pmd9607 Version-

Qualcomm ≫ Pmd9655 Version-

Qualcomm ≫ Pmi632 Version-

Qualcomm ≫ Pmi8937 Version-

Qualcomm ≫ Pmi8940 Version-

Qualcomm ≫ Pmi8952 Version-

Qualcomm ≫ Pmi8994 Version-

Qualcomm ≫ Pmi8996 Version-

Qualcomm ≫ Pmi8998 Version-

Qualcomm ≫ Pmk8001 Version-

Qualcomm ≫ Pmm855au Version-

Qualcomm ≫ Pmm8996au Version-

Qualcomm ≫ Pmx20 Version-

Qualcomm ≫ Qat3514 Version-

Qualcomm ≫ Qat3522 Version-

Qualcomm ≫ Qat3550 Version-

Qualcomm ≫ Qbt1000 Version-

Qualcomm ≫ Qbt1500 Version-

Qualcomm ≫ Qca6174a Version-

Qualcomm ≫ Qca6310 Version-

Qualcomm ≫ Qca6320 Version-

Qualcomm ≫ Qca6564a Version-

Qualcomm ≫ Qca6564au Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595 Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca9367 Version-

Qualcomm ≫ Qca9377 Version-

Qualcomm ≫ Qca9379 Version-

Qualcomm ≫ Qcc1110 Version-

Qualcomm ≫ Qet4100 Version-

Qualcomm ≫ Qet4101 Version-

Qualcomm ≫ Qet4200aq Version-

Qualcomm ≫ Qet5100 Version-

Qualcomm ≫ Qfe2080fc Version-

Qualcomm ≫ Qfe2081fc Version-

Qualcomm ≫ Qfe2082fc Version-

Qualcomm ≫ Qfe2101 Version-

Qualcomm ≫ Qfe2550 Version-

Qualcomm ≫ Qfe3100 Version-

Qualcomm ≫ Qfe3440fc Version-

Qualcomm ≫ Qfe4301 Version-

Qualcomm ≫ Qfe4302 Version-

Qualcomm ≫ Qfe4303 Version-

Qualcomm ≫ Qfe4305 Version-

Qualcomm ≫ Qfe4308 Version-

Qualcomm ≫ Qfe4309 Version-

Qualcomm ≫ Qfe4320 Version-

Qualcomm ≫ Qfe4373fc Version-

Qualcomm ≫ Qfe4455fc Version-

Qualcomm ≫ Qfe4465fc Version-

Qualcomm ≫ Qln1021aq Version-

Qualcomm ≫ Qln1030 Version-

Qualcomm ≫ Qln1031 Version-

Qualcomm ≫ Qln1035bd Version-

Qualcomm ≫ Qln1036aq Version-

Qualcomm ≫ Qpa4340 Version-

Qualcomm ≫ Qpa4360 Version-

Qualcomm ≫ Qpa5373 Version-

Qualcomm ≫ Qpa5460 Version-

Qualcomm ≫ Qsw8573 Version-

Qualcomm ≫ Qtc800h Version-

Qualcomm ≫ Qtc800s Version-

Qualcomm ≫ Qtc800t Version-

Qualcomm ≫ Qtc801s Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Rgr7640au Version-

Qualcomm ≫ Rsw8577 Version-

Qualcomm ≫ Sd439 Version-

Qualcomm ≫ Sd450 Version-

Qualcomm ≫ Sd636 Version-

Qualcomm ≫ Sd660 Version-

Qualcomm ≫ Sd710 Version-

Qualcomm ≫ Sd712 Version-

Qualcomm ≫ Sd820 Version-

Qualcomm ≫ Sd821 Version-

Qualcomm ≫ Sd835 Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdm830 Version-

Qualcomm ≫ Sdr051 Version-

Qualcomm ≫ Sdr052 Version-

Qualcomm ≫ Sdr660 Version-

Qualcomm ≫ Sdw2500 Version-

Qualcomm ≫ Sdw3100 Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ Sdx20m Version-

Qualcomm ≫ Sdx50m Version-

Qualcomm ≫ Smb1350 Version-

Qualcomm ≫ Smb1351 Version-

Qualcomm ≫ Smb1355 Version-

Qualcomm ≫ Smb1357 Version-

Qualcomm ≫ Smb1358 Version-

Qualcomm ≫ Smb1360 Version-

Qualcomm ≫ Smb1380 Version-

Qualcomm ≫ Smb231 Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9330 Version-

Qualcomm ≫ Wcd9335 Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcn3615 Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680 Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wgr7640 Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wtr2955 Version-

Qualcomm ≫ Wtr2965 Version-

Qualcomm ≫ Wtr3905 Version-

Qualcomm ≫ Wtr3925 Version-

Qualcomm ≫ Wtr3950 Version-

Qualcomm ≫ Wtr4905 Version-

Qualcomm ≫ Wtr5975 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.082

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11183

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11183

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11183

EUVD