5.5

CVE-2020-11209

Exploit

Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

Data is provided by the National Vulnerability Database (NVD)
QualcommSd820 Firmware Version-
   QualcommSd820 Version-
QualcommSd821 Firmware Version-
   QualcommSd821 Version-
QualcommQcs603 Firmware Version-
   QualcommQcs603 Version-
QualcommQcs605 Firmware Version-
   QualcommQcs605 Version-
QualcommSda855 Firmware Version-
   QualcommSda855 Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSa6145p Firmware Version-
   QualcommSa6145p Version-
QualcommSa6155 Firmware Version-
   QualcommSa6155 Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSd855 Firmware Version-
   QualcommSd855 Version-
QualcommSd 675 Firmware Version-
   QualcommSd 675 Version-
QualcommSd660 Firmware Version-
   QualcommSd660 Version-
QualcommSd429 Firmware Version-
   QualcommSd429 Version-
QualcommSd439 Firmware Version-
   QualcommSd439 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.206
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.