Vulnerability Details CVE-2020-11206
Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 69.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/
- https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/
- https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
- https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/
- https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/
- https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
Products affected by CVE-2020-11206
-
cpe:2.3:h:qualcomm:apq8098:-
-
cpe:2.3:h:qualcomm:msm8998:-
-
cpe:2.3:h:qualcomm:qcm4290:-
-
cpe:2.3:h:qualcomm:qcm6125:-
-
cpe:2.3:h:qualcomm:qcs410:-
-
cpe:2.3:h:qualcomm:qcs4290:-
-
cpe:2.3:h:qualcomm:qcs610:-
-
cpe:2.3:h:qualcomm:qcs6125:-
-
cpe:2.3:h:qualcomm:qsm8250:-
-
cpe:2.3:h:qualcomm:qsm8350:-
-
cpe:2.3:h:qualcomm:sa6145p:-
-
cpe:2.3:h:qualcomm:sa6150p:-
-
cpe:2.3:h:qualcomm:sa6155:-
-
cpe:2.3:h:qualcomm:sa6155p:-
-
cpe:2.3:h:qualcomm:sa8150p:-
-
cpe:2.3:h:qualcomm:sa8155:-
-
cpe:2.3:h:qualcomm:sa8155p:-
-
cpe:2.3:h:qualcomm:sa8195p:-
-
cpe:2.3:h:qualcomm:sc7180:-
-
cpe:2.3:h:qualcomm:sda640:-
-
cpe:2.3:h:qualcomm:sda660:-
-
cpe:2.3:h:qualcomm:sda845:-
-
cpe:2.3:h:qualcomm:sda855:-
-
cpe:2.3:h:qualcomm:sdm640:-
-
cpe:2.3:h:qualcomm:sdm660:-
-
cpe:2.3:h:qualcomm:sdm830:-
-
cpe:2.3:h:qualcomm:sdm845:-
-
cpe:2.3:h:qualcomm:sdm850:-
-
cpe:2.3:h:qualcomm:sdx50m:-
-
cpe:2.3:h:qualcomm:sdx55:-
-
cpe:2.3:h:qualcomm:sdx55m:-
-
cpe:2.3:h:qualcomm:sm4250:-
-
cpe:2.3:h:qualcomm:sm4250p:-
-
cpe:2.3:h:qualcomm:sm6115:-
-
cpe:2.3:h:qualcomm:sm6115p:-
-
cpe:2.3:h:qualcomm:sm6125:-
-
cpe:2.3:h:qualcomm:sm6150:-
-
cpe:2.3:h:qualcomm:sm6150p:-
-
cpe:2.3:h:qualcomm:sm6250:-
-
cpe:2.3:h:qualcomm:sm6250p:-
-
cpe:2.3:h:qualcomm:sm6350:-
-
cpe:2.3:h:qualcomm:sm7125:-
-
cpe:2.3:h:qualcomm:sm7150:-
-
cpe:2.3:h:qualcomm:sm7150p:-
-
cpe:2.3:h:qualcomm:sm7225:-
-
cpe:2.3:h:qualcomm:sm7250:-
-
cpe:2.3:h:qualcomm:sm7250p:-
-
cpe:2.3:h:qualcomm:sm8150:-
-
cpe:2.3:h:qualcomm:sm8150p:-
-
cpe:2.3:h:qualcomm:sm8250:-
-
cpe:2.3:h:qualcomm:sm8350:-
-
cpe:2.3:h:qualcomm:sm8350p:-
-
cpe:2.3:h:qualcomm:sxr2130:-
-
cpe:2.3:h:qualcomm:sxr2130p:-
-
cpe:2.3:o:qualcomm:apq8098_firmware:-
-
cpe:2.3:o:qualcomm:msm8998_firmware:-
-
cpe:2.3:o:qualcomm:qcm4290_firmware:-
-
cpe:2.3:o:qualcomm:qcm6125_firmware:-
-
cpe:2.3:o:qualcomm:qcs410_firmware:-
-
cpe:2.3:o:qualcomm:qcs4290_firmware:-
-
cpe:2.3:o:qualcomm:qcs610_firmware:-
-
cpe:2.3:o:qualcomm:qcs6125_firmware:-
-
cpe:2.3:o:qualcomm:qsm8250_firmware:-
-
cpe:2.3:o:qualcomm:qsm8350_firmware:-
-
cpe:2.3:o:qualcomm:sa6145p_firmware:-
-
cpe:2.3:o:qualcomm:sa6150p_firmware:-
-
cpe:2.3:o:qualcomm:sa6155_firmware:-
-
cpe:2.3:o:qualcomm:sa6155p_firmware:-
-
cpe:2.3:o:qualcomm:sa8150p_firmware:-
-
cpe:2.3:o:qualcomm:sa8155_firmware:-
-
cpe:2.3:o:qualcomm:sa8155p_firmware:-
-
cpe:2.3:o:qualcomm:sa8195p_firmware:-
-
cpe:2.3:o:qualcomm:sc7180_firmware:-
-
cpe:2.3:o:qualcomm:sda640_firmware:-
-
cpe:2.3:o:qualcomm:sda660_firmware:-
-
cpe:2.3:o:qualcomm:sda845_firmware:-
-
cpe:2.3:o:qualcomm:sda855_firmware:-
-
cpe:2.3:o:qualcomm:sdm640_firmware:-
-
cpe:2.3:o:qualcomm:sdm660_firmware:-
-
cpe:2.3:o:qualcomm:sdm830_firmware:-
-
cpe:2.3:o:qualcomm:sdm845_firmware:-
-
cpe:2.3:o:qualcomm:sdm850_firmware:-
-
cpe:2.3:o:qualcomm:sdx50m_firmware:-
-
cpe:2.3:o:qualcomm:sdx55_firmware:-
-
cpe:2.3:o:qualcomm:sdx55m_firmware:-
-
cpe:2.3:o:qualcomm:sm4250_firmware:-
-
cpe:2.3:o:qualcomm:sm4250p_firmware:-
-
cpe:2.3:o:qualcomm:sm6115_firmware:-
-
cpe:2.3:o:qualcomm:sm6115p_firmware:-
-
cpe:2.3:o:qualcomm:sm6125_firmware:-
-
cpe:2.3:o:qualcomm:sm6150_firmware:-
-
cpe:2.3:o:qualcomm:sm6150p_firmware:-
-
cpe:2.3:o:qualcomm:sm6250_firmware:-
-
cpe:2.3:o:qualcomm:sm6250p_firmware:-
-
cpe:2.3:o:qualcomm:sm6350_firmware:-
-
cpe:2.3:o:qualcomm:sm7125_firmware:-
-
cpe:2.3:o:qualcomm:sm7150_firmware:-
-
cpe:2.3:o:qualcomm:sm7150p_firmware:-
-
cpe:2.3:o:qualcomm:sm7225_firmware:-
-
cpe:2.3:o:qualcomm:sm7250_firmware:-
-
cpe:2.3:o:qualcomm:sm7250p_firmware:-
-
cpe:2.3:o:qualcomm:sm8150_firmware:-
-
cpe:2.3:o:qualcomm:sm8150p_firmware:-
-
cpe:2.3:o:qualcomm:sm8250_firmware:-
-
cpe:2.3:o:qualcomm:sm8350_firmware:-
-
cpe:2.3:o:qualcomm:sm8350p_firmware:-
-
cpe:2.3:o:qualcomm:sxr2130_firmware:-
-
cpe:2.3:o:qualcomm:sxr2130p_firmware:-