Vulnerability Description
RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Fsm10055 Firmware | - |
| Qualcomm | Fsm10055 | - |
| Qualcomm | Fsm10056 Firmware | - |
| Qualcomm | Fsm10056 | - |
| Qualcomm | Pm3003A Firmware | - |
| Qualcomm | Pm3003A | - |
| Qualcomm | Pm7150A Firmware | - |
| Qualcomm | Pm7150A | - |
| Qualcomm | Pm7150L Firmware | - |
| Qualcomm | Pm7150L | - |
| Qualcomm | Pm7250 Firmware | - |
| Qualcomm | Pm7250 | - |
| Qualcomm | Pm7250B Firmware | - |
| Qualcomm | Pm7250B | - |
| Qualcomm | Pm8004 Firmware | - |
| Qualcomm | Pm8004 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletinVendor Advisory
FAQ
What is CVE-2020-11243?
CVE-2020-11243 is a vulnerability with a CVSS score of 7.5 (HIGH). RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi...
How severe is CVE-2020-11243?
CVE-2020-11243 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11243?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Fsm10055 Firmware.