Vulnerability Description
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6436 Firmware | - |
| Qualcomm | Qca6436 | - |
| Qualcomm | Qca8337 Firmware | - |
| Qualcomm | Qca8337 | - |
| Qualcomm | Qca9984 Firmware | - |
| Qualcomm | Qca9984 | - |
| Qualcomm | Qcm2290 Firmware | - |
| Qualcomm | Qcm2290 | - |
| Qualcomm | Qcm4290 Firmware | - |
| Qualcomm | Qcm4290 | - |
| Qualcomm | Qcs2290 Firmware | - |
| Qualcomm | Qcs2290 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletVendor Advisory
FAQ
What is CVE-2020-11263?
CVE-2020-11263 is a vulnerability with a CVSS score of 7.3 (HIGH). An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sn...
How severe is CVE-2020-11263?
CVE-2020-11263 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11263?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Qca6390 Firmware, Qualcomm Qca6390, Qualcomm Qca6391 Firmware.