Vulnerability Description
User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Pm660 Firmware | - |
| Qualcomm | Pm660 | - |
| Qualcomm | Pm660A Firmware | - |
| Qualcomm | Pm660A | - |
| Qualcomm | Pm660L Firmware | - |
| Qualcomm | Pm660L | - |
| Qualcomm | Pm855A Firmware | - |
| Qualcomm | Pm855A | - |
| Qualcomm | Pmm855Au Firmware | - |
| Qualcomm | Pmm855Au | - |
| Qualcomm | Qat3514 Firmware | - |
| Qualcomm | Qat3514 | - |
| Qualcomm | Qat3522 Firmware | - |
| Qualcomm | Qat3522 | - |
| Qualcomm | Qat3550 Firmware | - |
| Qualcomm | Qat3550 | - |
| Qualcomm | Qca6564A Firmware | - |
| Qualcomm | Qca6564A | - |
| Qualcomm | Qca6564Au Firmware | - |
| Qualcomm | Qca6564Au | - |
References
- https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletinVendor Advisory
FAQ
What is CVE-2020-11242?
CVE-2020-11242 is a vulnerability with a CVSS score of 8.4 (HIGH). User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile
How severe is CVE-2020-11242?
CVE-2020-11242 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11242?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Pm660 Firmware, Qualcomm Pm660, Qualcomm Pm660A Firmware, Qualcomm Pm660A, Qualcomm Pm660L Firmware.