{"id": "CVE-2020-11305", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2021-03-17T06:15:14.437", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music"}, {"lang": "es", "value": "Un Desbordamiento de enteros en el arranque debido a una comprobaci\u00f3n inapropiada de la longitud en los argumentos recibidos en los productos Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music"}], "lastModified": "2021-03-25T15:54:04.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C61BF93F-53DF-4399-AF41-45CEC1E0A2B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B052615D-857A-46D4-9098-1CBFA14687C6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19B59B60-A298-4A56-A45A-E34B7AAB43D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A960B86A-C397-4ACB-AEE6-55F316D32949"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D79B8959-3D1E-4B48-9181-D75FE90AAF98"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:pm8909_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "498F048F-669D-46E0-AA60-ED2B3E11B67A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2950D103-C664-44CE-86FC-49A03861441F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:pm8916_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FBCAE84-6089-4F0A-B2F0-1B9C9186F43F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FEDA1620-8FFC-4DF4-9CBC-188D21581CF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:pm8953_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F65963E1-6467-44ED-9DB4-122C9BB22001"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:pm8953:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "316C919A-BD79-4859-9F85-AEDBA5E6137A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:pmd9607_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D60A9ED-879F-4E6B-8AE2-C0A44D465F3F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:pmd9607:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ADCC2ABB-B97B-4414-89EC-39ED674E9A12"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:pmi8952_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7534BA2-545B-40CA-8335-72955A96CBAE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:pmi8952:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F914570-082A-4276-85DB-ADA944BA771F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AD0E09B-92EC-4974-BC5F-66C3AAF586B1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3FBA48AB-85F4-4D6C-B811-87756B80FFB8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:smb1358_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3395EEC-7A15-4224-8F32-E363BE2651C8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:smb1358:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "726EF442-9D09-4C76-8EAE-8BCA61A127A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:smb1360_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55DE88BF-7535-4187-BE8D-7B0EFB578C17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB1D7205-33E9-452B-BECD-F551801071DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:smb231_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB1E7640-4B9A-48F3-85B4-E85B6ECC659D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:smb231:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC187295-155D-4C73-8CF1-AC4CA0DDD6A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wtr2965_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAB78DF4-0A4D-44F3-BA4A-8BAAE40398DB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1267A5A-D6C7-405B-AD58-6A80A30E6813"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}