CVE-2020-11181 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 9%

Affected Products (NVD)

Vendor	Product	Version
qualcomm	pm3003a_firmware	-
qualcomm	pm8009_firmware	-
qualcomm	pm8150a_firmware	-
qualcomm	pm8150b_firmware	-
qualcomm	pm8150c_firmware	-
qualcomm	pm8150l_firmware	-
qualcomm	pm8250_firmware	-
qualcomm	pmk8002_firmware	-
qualcomm	pmr525_firmware	-
qualcomm	pmx55_firmware	-
qualcomm	qbt2000_firmware	-
qualcomm	qca6390_firmware	-
qualcomm	qca6391_firmware	-
qualcomm	qca6421_firmware	-
qualcomm	qca6426_firmware	-
qualcomm	qca6431_firmware	-
qualcomm	qca6436_firmware	-
qualcomm	qfs2530_firmware	-
qualcomm	qfs2580_firmware	-
qualcomm	qsm8250_firmware	-
qualcomm	qtc800h_firmware	-
qualcomm	qtc801s_firmware	-
qualcomm	sd865_5g_firmware	-
qualcomm	sdr8250_firmware	-
qualcomm	sdr865_firmware	-
qualcomm	sdx55_firmware	-
qualcomm	sdx55m_firmware	-
qualcomm	sdxr2_5g_firmware	-
qualcomm	smb1355_firmware	-
qualcomm	smb1390_firmware	-
qualcomm	smr525_firmware	-
qualcomm	smr526_firmware	-
qualcomm	wcd9380_firmware	-
qualcomm	wcd9385_firmware	-
qualcomm	wcn6750_firmware	-
qualcomm	wcn6850_firmware	-
qualcomm	wcn6851_firmware	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8815_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin