CVE-2020-11286

EPSS 0.05%
Published 22.02.2021 07:15:15
Last modified 21.11.2024 04:57:44
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8009 Version-

Qualcomm ≫ Apq8009w Version-

Qualcomm ≫ Apq8017 Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Apq8064au Version-

Qualcomm ≫ Apq8076 Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Ar8151 Version-

Qualcomm ≫ Csr6030 Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9230 Version-

Qualcomm ≫ Mdm9250 Version-

Qualcomm ≫ Mdm9330 Version-

Qualcomm ≫ Mdm9607 Version-

Qualcomm ≫ Mdm9626 Version-

Qualcomm ≫ Mdm9628 Version-

Qualcomm ≫ Mdm9630 Version-

Qualcomm ≫ Mdm9640 Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Mdm9655 Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Msm8937 Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Pm660 Version-

Qualcomm ≫ Pm660a Version-

Qualcomm ≫ Pm660l Version-

Qualcomm ≫ Pm8004 Version-

Qualcomm ≫ Pm8005 Version-

Qualcomm ≫ Pm8909 Version-

Qualcomm ≫ Pm8916 Version-

Qualcomm ≫ Pm8937 Version-

Qualcomm ≫ Pm8952 Version-

Qualcomm ≫ Pm8953 Version-

Qualcomm ≫ Pm8956 Version-

Qualcomm ≫ Pm8996 Version-

Qualcomm ≫ Pm8998 Version-

Qualcomm ≫ Pmd9607 Version-

Qualcomm ≫ Pmd9635 Version-

Qualcomm ≫ Pmd9645 Version-

Qualcomm ≫ Pmd9655 Version-

Qualcomm ≫ Pmi8937 Version-

Qualcomm ≫ Pmi8952 Version-

Qualcomm ≫ Pmi8994 Version-

Qualcomm ≫ Pmi8996 Version-

Qualcomm ≫ Pmi8998 Version-

Qualcomm ≫ Pmk8001 Version-

Qualcomm ≫ Pmm8996au Version-

Qualcomm ≫ Pmx20 Version-

Qualcomm ≫ Qat3514 Version-

Qualcomm ≫ Qat3522 Version-

Qualcomm ≫ Qat3550 Version-

Qualcomm ≫ Qbt1000 Version-

Qualcomm ≫ Qbt1500 Version-

Qualcomm ≫ Qca6174 Version-

Qualcomm ≫ Qca6174a Version-

Qualcomm ≫ Qca6310 Version-

Qualcomm ≫ Qca6320 Version-

Qualcomm ≫ Qca6564a Version-

Qualcomm ≫ Qca6564au Version-

Qualcomm ≫ Qca6574 Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6584 Version-

Qualcomm ≫ Qca6584au Version-

Qualcomm ≫ Qca9367 Version-

Qualcomm ≫ Qca9377 Version-

Qualcomm ≫ Qet4100 Version-

Qualcomm ≫ Qet4101 Version-

Qualcomm ≫ Qet4200aq Version-

Qualcomm ≫ Qfe1035 Version-

Qualcomm ≫ Qfe1040 Version-

Qualcomm ≫ Qfe1045 Version-

Qualcomm ≫ Qfe2340 Version-

Qualcomm ≫ Qfe2550 Version-

Qualcomm ≫ Qfe3100 Version-

Qualcomm ≫ Qfe3320 Version-

Qualcomm ≫ Qfe3335 Version-

Qualcomm ≫ Qfe3345 Version-

Qualcomm ≫ Qln1021aq Version-

Qualcomm ≫ Qln1030 Version-

Qualcomm ≫ Qln1031 Version-

Qualcomm ≫ Qln1036aq Version-

Qualcomm ≫ Qpa4340 Version-

Qualcomm ≫ Qpa4360 Version-

Qualcomm ≫ Qpa5460 Version-

Qualcomm ≫ Qsw8573 Version-

Qualcomm ≫ Qtc800h Version-

Qualcomm ≫ Qtc800s Version-

Qualcomm ≫ Qtc800t Version-

Qualcomm ≫ Rgr7640au Version-

Qualcomm ≫ Rsw8577 Version-

Qualcomm ≫ Sd 636 Version-

Qualcomm ≫ Sd205 Version-

Qualcomm ≫ Sd210 Version-

Qualcomm ≫ Sd660 Version-

Qualcomm ≫ Sd820 Version-

Qualcomm ≫ Sd821 Version-

Qualcomm ≫ Sd835 Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdr660 Version-

Qualcomm ≫ Sdw2500 Version-

Qualcomm ≫ Sdw3100 Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ Sdx20m Version-

Qualcomm ≫ Smb1350 Version-

Qualcomm ≫ Smb1351 Version-

Qualcomm ≫ Smb1357 Version-

Qualcomm ≫ Smb1358 Version-

Qualcomm ≫ Smb1360 Version-

Qualcomm ≫ Smb1380 Version-

Qualcomm ≫ Smb231 Version-

Qualcomm ≫ Smb358s Version-

Qualcomm ≫ Wcd9306 Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9330 Version-

Qualcomm ≫ Wcd9335 Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3615 Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wgr7640 Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wtr2955 Version-

Qualcomm ≫ Wtr2965 Version-

Qualcomm ≫ Wtr3905 Version-

Qualcomm ≫ Wtr3925 Version-

Qualcomm ≫ Wtr3950 Version-

Qualcomm ≫ Wtr4905 Version-

Qualcomm ≫ Wtr5975 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.106

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11286

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11286

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11286

EUVD