Vulnerability Details CVE-2020-11117
u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980
Exploit prediction scoring system (EPSS) score
EPSS Score 0.1
EPSS Ranking 92.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
Products affected by CVE-2020-11117
-
cpe:2.3:h:qualcomm:ipq4019:-
-
cpe:2.3:h:qualcomm:ipq6018:-
-
cpe:2.3:h:qualcomm:ipq8064:-
-
cpe:2.3:h:qualcomm:ipq8074:-
-
cpe:2.3:h:qualcomm:qca4531:-
-
cpe:2.3:h:qualcomm:qca9531:-
-
cpe:2.3:h:qualcomm:qca9980:-
-
cpe:2.3:o:qualcomm:ipq4019_firmware:-
-
cpe:2.3:o:qualcomm:ipq6018_firmware:-
-
cpe:2.3:o:qualcomm:ipq8064_firmware:-
-
cpe:2.3:o:qualcomm:ipq8074_firmware:-
-
cpe:2.3:o:qualcomm:qca4531_firmware:-
-
cpe:2.3:o:qualcomm:qca9531_firmware:-
-
cpe:2.3:o:qualcomm:qca9980_firmware:-