CVE-2020-11305

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-11305
Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

6.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:pm8909_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:pm8916_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:pm8953_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:pm8953:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:pmd9607_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:pmd9607:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:pmi8952_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:pmi8952:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:smb1358_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:smb1358:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:smb1360_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:smb231_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:smb231:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:wtr2965_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2021-03-17 06:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-11305

Mitre link : CVE-2020-11305

CVE.ORG link : CVE-2020-11305

JSON object : View

Products Affected

qualcomm

  • wtr2965
  • pm8909_firmware
  • wcd9330_firmware
  • wsa8815_firmware
  • wcd9326_firmware
  • pmd9607_firmware
  • wcd9326
  • wtr2965_firmware
  • qca9377
  • wcn3660b_firmware
  • smb1360
  • pmd9607
  • wsa8815
  • qca9367_firmware
  • wcn3680b
  • pm8916_firmware
  • wcn3680b_firmware
  • wsa8810
  • smb1358_firmware
  • qca9377_firmware
  • apq8053
  • mdm9206
  • qca9367
  • smb231
  • pm8909
  • wcd9330
  • smb231_firmware
  • apq8053_firmware
  • smb1360_firmware
  • mdm9206_firmware
  • pm8953
  • apq8009
  • smb1358
  • pm8916
  • pm8953_firmware
  • apq8009_firmware
  • pmi8952
  • wsa8810_firmware
  • pmi8952_firmware
  • wcn3660b
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer