Vulnerability Description
Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar9380 | - |
| Qualcomm | Csr8811 | - |
| Qualcomm | Ipq4018 | - |
| Qualcomm | Ipq4019 | - |
| Qualcomm | Ipq4028 | - |
| Qualcomm | Ipq4029 | - |
| Qualcomm | Ipq6000 | - |
| Qualcomm | Ipq6005 | - |
| Qualcomm | Ipq6010 | - |
| Qualcomm | Ipq6018 | - |
| Qualcomm | Ipq6028 | - |
| Qualcomm | Ipq8064 | - |
| Qualcomm | Ipq8065 | - |
| Qualcomm | Ipq8068 | - |
| Qualcomm | Ipq8070 | - |
| Qualcomm | Ipq8070A | - |
| Qualcomm | Ipq8071 | - |
| Qualcomm | Ipq8071A | - |
| Qualcomm | Ipq8072 | - |
| Qualcomm | Ipq8072A | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-securiPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletBroken Link
FAQ
What is CVE-2020-11185?
CVE-2020-11185 is a vulnerability with a CVSS score of 7.8 (HIGH). Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consume...
How severe is CVE-2020-11185?
CVE-2020-11185 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11185?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar9380, Qualcomm Csr8811, Qualcomm Ipq4018, Qualcomm Ipq4019, Qualcomm Ipq4028.