Podatność CVE-2020-11200

Podatność CVE-2020-11200

Publikacja: 2021-01-21

Opis:

Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Typ:

CWE-125

(Out-of-bounds Read)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
5/10	2.9/10	10/10

Wymagany dostęp	Złożoność ataku	Autoryzacja
Zdalny	Niska	Nie wymagana
Wpływ na poufność	Wpływ na integralność	Wpływ na dostępność
Brak	Brak	Częściowy

Affected software
Qualcomm -> Sd720g
Qualcomm -> Sdm630
Qualcomm -> Pm6150l
Qualcomm -> Sdx55m
Qualcomm -> Pm8004
Qualcomm -> Smb1395
Qualcomm -> Pm855p
Qualcomm -> Wcn3660
Qualcomm -> Pmm6155au
Qualcomm -> Wsa8815
Qualcomm -> Qat3555
Qualcomm -> Qca6420
Qualcomm -> Qca6696
Qualcomm -> Qdm2307
Qualcomm -> Qet6100
Qualcomm -> Qln1020
Qualcomm -> Qpa5373
Qualcomm -> Qpm5620
Qualcomm -> Qsw8573
Qualcomm -> Sa8155p
Qualcomm -> Sd730
Qualcomm -> Apq8053
Qualcomm -> Sdm830
Qualcomm -> Pm6250
Qualcomm -> Sdxr1
Qualcomm -> Pm8005
Qualcomm -> Smb1396
Qualcomm -> Pm8953
Qualcomm -> Wcn3660b
Qualcomm -> Pmm8155au
Qualcomm -> Wsa8830
Qualcomm -> Qat5515
Qualcomm -> Qca6421
Qualcomm -> Qca9379
Qualcomm -> Qdm2308
Qualcomm -> Qet6110
Qualcomm -> Qln1021aq
Qualcomm -> Qpa5460
Qualcomm -> Qpm5621
Qualcomm -> Qsw8574
Qualcomm -> Sa8195p
Qualcomm -> Sd750g
Qualcomm -> Apq8064au
Qualcomm -> Sdr051
Qualcomm -> Pm6350
Qualcomm -> Sdxr25g
Qualcomm -> Pm8008
Qualcomm -> Smb2351
Qualcomm -> Pm8996
Qualcomm -> Wcn3680b
Qualcomm -> Pmm8195au
Qualcomm -> Wsa8835
Qualcomm -> Qat5516
Qualcomm -> Qca6426
Qualcomm -> Qcc112
Qualcomm -> Qdm2310
Qualcomm -> Qfe2080fc
Qualcomm -> Qln1030
Qualcomm -> Qpa5580
Qualcomm -> Qpm5657
Qualcomm -> Qtc410s
Qualcomm -> Sc8180x\+sdx55
Qualcomm -> Sd450
Qualcomm -> Sd765
Qualcomm -> Apq8096au
Qualcomm -> Sdr052
Qualcomm -> Pm640a
Qualcomm -> Sm4125
Qualcomm -> Pm8009
Qualcomm -> Smr525
Qualcomm -> Pm8998
Qualcomm -> Wcn3910
Qualcomm -> Pmm855au
Qualcomm -> Wtr2955
Qualcomm -> Qat5522
Qualcomm -> Qca6430
Qualcomm -> Qcm2290
Qualcomm -> Qdm3301
Qualcomm -> Qfe2081fc
Qualcomm -> Qln1031
Qualcomm -> Qpa5581
Qualcomm -> Qpm5658
Qualcomm -> Qtc800h
Qualcomm -> Sd455
Qualcomm -> Sd765g
Qualcomm -> Aqt1000
Qualcomm -> Sdr425
Qualcomm -> Pm640l
Qualcomm -> Sm4350
Qualcomm -> Pm8019
Qualcomm -> Smr526
Qualcomm -> Pmc1000h
Qualcomm -> Wcn3950
Qualcomm -> Pmm8996au
Qualcomm -> Wtr2965
Qualcomm -> Qat5533
Qualcomm -> Qca6431
Qualcomm -> Qcm4290
Qualcomm -> Qdm5620
Qualcomm -> Qfe2082fc

Referencje:

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Podatność CVE-2020-11200

Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE-125

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

5/10

2.9/10

10/10

Zdalny

Niska

Nie wymagana

Brak

Brak

Częściowy

Affected software

Referencje: