Vulnerability Description
Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Pm3003A Firmware | - |
| Qualcomm | Pm3003A | - |
| Qualcomm | Pm8009 Firmware | - |
| Qualcomm | Pm8009 | - |
| Qualcomm | Pm8150A Firmware | - |
| Qualcomm | Pm8150A | - |
| Qualcomm | Pm8150B Firmware | - |
| Qualcomm | Pm8150B | - |
| Qualcomm | Pm8150C Firmware | - |
| Qualcomm | Pm8150C | - |
| Qualcomm | Pm8150L Firmware | - |
| Qualcomm | Pm8150L | - |
| Qualcomm | Pm8250 Firmware | - |
| Qualcomm | Pm8250 | - |
| Qualcomm | Pmk8002 Firmware | - |
| Qualcomm | Pmk8002 | - |
| Qualcomm | Pmr525 Firmware | - |
| Qualcomm | Pmr525 | - |
| Qualcomm | Pmx55 Firmware | - |
| Qualcomm | Pmx55 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-securiVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletBroken Link
FAQ
What is CVE-2020-11181?
CVE-2020-11181 is a vulnerability with a CVSS score of 7.8 (HIGH). Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer...
How severe is CVE-2020-11181?
CVE-2020-11181 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11181?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Pm3003A Firmware, Qualcomm Pm3003A, Qualcomm Pm8009 Firmware, Qualcomm Pm8009, Qualcomm Pm8150A Firmware.