6.8
CVE-2020-11305
- EPSS 0.05%
- Published 17.03.2021 06:15:14
- Last modified 21.11.2024 04:57:50
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Apq8009 Firmware Version-
Qualcomm ≫ Apq8053 Firmware Version-
Qualcomm ≫ Mdm9206 Firmware Version-
Qualcomm ≫ Pm8909 Firmware Version-
Qualcomm ≫ Pm8916 Firmware Version-
Qualcomm ≫ Pm8953 Firmware Version-
Qualcomm ≫ Pmd9607 Firmware Version-
Qualcomm ≫ Pmi8952 Firmware Version-
Qualcomm ≫ Qca9367 Firmware Version-
Qualcomm ≫ Qca9377 Firmware Version-
Qualcomm ≫ Smb1358 Firmware Version-
Qualcomm ≫ Smb1360 Firmware Version-
Qualcomm ≫ Smb231 Firmware Version-
Qualcomm ≫ Wcd9326 Firmware Version-
Qualcomm ≫ Wcd9330 Firmware Version-
Qualcomm ≫ Wcn3660b Firmware Version-
Qualcomm ≫ Wcn3680b Firmware Version-
Qualcomm ≫ Wsa8810 Firmware Version-
Qualcomm ≫ Wsa8815 Firmware Version-
Qualcomm ≫ Wtr2965 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.106 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.