CVE-2020-11242

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
qualcommCNA
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
qualcommpm660_firmware
-
qualcommpm660a_firmware
-
qualcommpm660l_firmware
-
qualcommpm855a_firmware
-
qualcommpmm855au_firmware
-
qualcommqat3514_firmware
-
qualcommqat3522_firmware
-
qualcommqat3550_firmware
-
qualcommqca6564a_firmware
-
qualcommqca6564au_firmware
-
qualcommqca6574a_firmware
-
qualcommqca6574au_firmware
-
qualcommqca6595_firmware
-
qualcommqca6595au_firmware
-
qualcommqet4100_firmware
-
qualcommqet4101_firmware
-
qualcommqet4200aq_firmware
-
qualcommqln1021aq_firmware
-
qualcommqln1031_firmware
-
qualcommqln1036aq_firmware
-
qualcommqpa4340_firmware
-
qualcommqpa4360_firmware
-
qualcommqpa5460_firmware
-
qualcommqtc800h_firmware
-
qualcommqtc800s_firmware
-
qualcommrsw8577_firmware
-
qualcommsd455_firmware
-
qualcommsd636_firmware
-
qualcommsd660_firmware
-
qualcommsdm630_firmware
-
qualcommsdr660_firmware
-
qualcommsmb1351_firmware
-
qualcommwcd9335_firmware
-
qualcommwcd9340_firmware
-
qualcommwcd9341_firmware
-
qualcommwcn3950_firmware
-
qualcommwcn3980_firmware
-
qualcommwcn3990_firmware
-
𝑥
= Vulnerable software versions
References
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin