Vulnerability CVE-2020-11286


Published: 2021-02-22

Description:
An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-476

(NULL Pointer Dereference)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Mdm9628 
Qualcomm -> Pm8952 
Qualcomm -> Pmx20 
Qualcomm -> Qca6584au 
Qualcomm -> Qln1030 
Qualcomm -> Sd821 
Qualcomm -> Smb358s 
Qualcomm -> Wsa8815 
Qualcomm -> Apq8009 
Qualcomm -> Mdm9630 
Qualcomm -> Pm8953 
Qualcomm -> Qat3514 
Qualcomm -> Qca9367 
Qualcomm -> Qln1031 
Qualcomm -> Sd835 
Qualcomm -> Wcd9306 
Qualcomm -> Wtr2955 
Qualcomm -> Apq8009w 
Qualcomm -> Mdm9640 
Qualcomm -> Pm8956 
Qualcomm -> Qat3522 
Qualcomm -> Qca9377 
Qualcomm -> Qln1036aq 
Qualcomm -> Sd 636 
Qualcomm -> Wcd9326 
Qualcomm -> Wtr2965 
Qualcomm -> Apq8017 
Qualcomm -> Mdm9650 
Qualcomm -> Pm8996 
Qualcomm -> Qat3550 
Qualcomm -> Qet4100 
Qualcomm -> Qpa4340 
Qualcomm -> Sdm630 
Qualcomm -> Wcd9330 
Qualcomm -> Wtr3905 
Qualcomm -> Apq8053 
Qualcomm -> Mdm9655 
Qualcomm -> Pm8998 
Qualcomm -> Qbt1000 
Qualcomm -> Qet4101 
Qualcomm -> Qpa4360 
Qualcomm -> Sdr660 
Qualcomm -> Wcd9335 
Qualcomm -> Wtr3925 
Qualcomm -> Apq8064au 
Qualcomm -> Msm8909w 
Qualcomm -> Pmd9607 
Qualcomm -> Qbt1500 
Qualcomm -> Qet4200aq 
Qualcomm -> Qpa5460 
Qualcomm -> Sdw2500 
Qualcomm -> Wcd9340 
Qualcomm -> Wtr3950 
Qualcomm -> Apq8076 
Qualcomm -> Msm8937 
Qualcomm -> Pmd9635 
Qualcomm -> Qca6174 
Qualcomm -> Qfe1035 
Qualcomm -> Qsw8573 
Qualcomm -> Sdw3100 
Qualcomm -> Wcd9341 
Qualcomm -> Wtr4905 
Qualcomm -> Apq8096au 
Qualcomm -> Msm8996au 
Qualcomm -> Pmd9645 
Qualcomm -> Qca6174a 
Qualcomm -> Qfe1040 
Qualcomm -> Qtc800h 
Qualcomm -> Sdx20 
Qualcomm -> Wcn3610 
Qualcomm -> Wtr5975 
Qualcomm -> Ar8151 
Qualcomm -> Pm660 
Qualcomm -> Pmd9655 
Qualcomm -> Qca6310 
Qualcomm -> Qfe1045 
Qualcomm -> Qtc800s 
Qualcomm -> Sdx20m 
Qualcomm -> Wcn3615 
Qualcomm -> Csr6030 
Qualcomm -> Pm660a 
Qualcomm -> Pmi8937 
Qualcomm -> Qca6320 
Qualcomm -> Qfe2340 
Qualcomm -> Qtc800t 
Qualcomm -> Smb1350 
Qualcomm -> Wcn3620 
Qualcomm -> Mdm9206 
Qualcomm -> Pm660l 
Qualcomm -> Pmi8952 
Qualcomm -> Qca6564a 
Qualcomm -> Qfe2550 
Qualcomm -> Rgr7640au 
Qualcomm -> Smb1351 
Qualcomm -> Wcn3660b 
Qualcomm -> Mdm9230 
Qualcomm -> Pm8004 
Qualcomm -> Pmi8994 
Qualcomm -> Qca6564au 
Qualcomm -> Qfe3100 

 References:
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Copyright 2022, cxsecurity.com

 

Back to Top