1. Home
  2. CVE Database
  3. CVE-2020-11186
MEDIUM · 5.5

CVE-2020-11186

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap...

Vulnerability Description

Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
QualcommCsrb31024 Firmware-
QualcommCsrb31024-
QualcommPm3003A Firmware-
QualcommPm3003A-
QualcommPm7150A Firmware-
QualcommPm7150A-
QualcommPm7150L Firmware-
QualcommPm7150L-
QualcommPm7250 Firmware-
QualcommPm7250-
QualcommPm7250B Firmware-
QualcommPm7250B-
QualcommPm8008 Firmware-
QualcommPm8008-
QualcommPm8009 Firmware-
QualcommPm8009-
QualcommPm8150A Firmware-
QualcommPm8150A-
QualcommPm8150B Firmware-
QualcommPm8150B-

Related Weaknesses (CWE)

CWE-835

References

FAQ

What is CVE-2020-11186?

CVE-2020-11186 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snap...

How severe is CVE-2020-11186?

CVE-2020-11186 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-11186?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Csrb31024 Firmware, Qualcomm Csrb31024, Qualcomm Pm3003A Firmware, Qualcomm Pm3003A, Qualcomm Pm7150A Firmware.