{"id": "CVE-2020-11205", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-11-12T10:15:12.967", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin", "tags": ["Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}, {"lang": "es", "value": "Un posible desbordamiento de enteros para un desbordamiento de pila mientras se procesa el comando debido a una falta de comprobaci\u00f3n de la longitud del paquete recibido en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile en versiones QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDC730C6-FB32-4566-AAE2-B2B261BA9411"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5A432773-467F-492C-AA3A-ADF08A21FB3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8350_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B0798E6-68B1-4C0E-BF5B-5BC8033351A5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E70D909-40D1-4B66-AEA3-034F2C53FB0F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8350p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "843EA485-D423-467E-B058-0A592C8F1E23"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8350p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0779F521-F94A-4641-B5B2-C7611A8382C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2130p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC910FA-0AD1-460A-B333-57C99D4FC7BB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2130p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34DFEB6B-7D74-4DEE-A263-49D9420DB126"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}