CVE-2020-11187 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 11%

Affected Products (NVD)

Vendor	Product	Version
qualcomm	aqt1000_firmware	-
qualcomm	csrb31024_firmware	-
qualcomm	pm7150a_firmware	-
qualcomm	pm7150l_firmware	-
qualcomm	pm7250_firmware	-
qualcomm	pm7250b_firmware	-
qualcomm	pm8004_firmware	-
qualcomm	pm8008_firmware	-
qualcomm	pm855_firmware	-
qualcomm	pm855b_firmware	-
qualcomm	pm855l_firmware	-
qualcomm	pm855p_firmware	-
qualcomm	pmk8002_firmware	-
qualcomm	pmx24_firmware	-
qualcomm	pmx50_firmware	-
qualcomm	pmx55_firmware	-
qualcomm	qat3516_firmware	-
qualcomm	qat3518_firmware	-
qualcomm	qat3519_firmware	-
qualcomm	qat3555_firmware	-
qualcomm	qat5515_firmware	-
qualcomm	qat5522_firmware	-
qualcomm	qat5533_firmware	-
qualcomm	qbt2000_firmware	-
qualcomm	qca6391_firmware	-
qualcomm	qca6564au_firmware	-
qualcomm	qca6574a_firmware	-
qualcomm	qca6574au_firmware	-
qualcomm	qca6584au_firmware	-
qualcomm	qca6595au_firmware	-
qualcomm	qca6696_firmware	-
qualcomm	qca8337_firmware	-
qualcomm	qdm2301_firmware	-
qualcomm	qdm2305_firmware	-
qualcomm	qdm3301_firmware	-
qualcomm	qdm5620_firmware	-
qualcomm	qdm5621_firmware	-
qualcomm	qdm5650_firmware	-
qualcomm	qdm5652_firmware	-
qualcomm	qdm5670_firmware	-
qualcomm	qdm5671_firmware	-
qualcomm	qdm5677_firmware	-
qualcomm	qdm5679_firmware	-
qualcomm	qet4101_firmware	-
qualcomm	qet5100_firmware	-
qualcomm	qet6110_firmware	-
qualcomm	qln1021aq_firmware	-
qualcomm	qln1031_firmware	-
qualcomm	qln1036aq_firmware	-
qualcomm	qln4642_firmware	-
qualcomm	qln4650_firmware	-
qualcomm	qln5020_firmware	-
qualcomm	qln5030_firmware	-
qualcomm	qln5040_firmware	-
qualcomm	qpa2625_firmware	-
qualcomm	qpa5580_firmware	-
qualcomm	qpa6560_firmware	-
qualcomm	qpa8673_firmware	-
qualcomm	qpa8686_firmware	-
qualcomm	qpa8801_firmware	-
qualcomm	qpa8802_firmware	-
qualcomm	qpa8803_firmware	-
qualcomm	qpa8821_firmware	-
qualcomm	qpa8842_firmware	-
qualcomm	qpm5621_firmware	-
qualcomm	qpm5658_firmware	-
qualcomm	qpm5670_firmware	-
qualcomm	qpm5677_firmware	-
qualcomm	qpm5679_firmware	-
qualcomm	qpm6582_firmware	-
qualcomm	qpm6585_firmware	-
qualcomm	qpm8830_firmware	-
qualcomm	qpm8895_firmware	-
qualcomm	qtc801s_firmware	-
qualcomm	qtm525_firmware	-
qualcomm	qtm527_firmware	-
qualcomm	sa415m_firmware	-
qualcomm	sd765_firmware	-
qualcomm	sd765g_firmware	-
qualcomm	sd768g_firmware	-
qualcomm	sdr051_firmware	-
qualcomm	sdr052_firmware	-
qualcomm	sdr8150_firmware	-
qualcomm	sdr865_firmware	-
qualcomm	sdx50m_firmware	-
qualcomm	sdx55_firmware	-
qualcomm	sm7250p_firmware	-
qualcomm	smb1355_firmware	-
qualcomm	smb1390_firmware	-
qualcomm	smr525_firmware	-
qualcomm	smr526_firmware	-
qualcomm	wcd9341_firmware	-
qualcomm	wcd9380_firmware	-
qualcomm	wcd9385_firmware	-
qualcomm	wcn3991_firmware	-
qualcomm	wcn3998_firmware	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8815_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-129 - Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin