7.8
CVE-2020-11208
- EPSS 0.5%
- Veröffentlicht 12.11.2020 10:15:13
- Zuletzt bearbeitet 21.11.2024 04:57:15
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Sd820 Firmware Version-
Qualcomm ≫ Sd821 Firmware Version-
Qualcomm ≫ Qcs603 Firmware Version-
Qualcomm ≫ Qcs605 Firmware Version-
Qualcomm ≫ Sda855 Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Sa6145p Firmware Version-
Qualcomm ≫ Sa6155 Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Sd855 Firmware Version-
Qualcomm ≫ Sd675 Firmware Version-
Qualcomm ≫ Sd660 Firmware Version-
Qualcomm ≫ Sd429 Firmware Version-
Qualcomm ≫ Sd439 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.5% | 0.647 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-191 Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.