CVSS: 8.4EPSS: 0%CPEs: 262EXPL: 0CVE-2020-11284
https://notcve.org/view.php?id=CVE-2020-11284
Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Una memoria bloqueada puede ser desbloqueada y modificada mediante un cargador de arranque no seguro por medio de una secuencia de llamada del sistema inapropiada, lo que hace que la región de la memoria sea una fuente de la entrada no confiable para el cargador de arranque seguro en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin • CWE-667: Improper Locking •
CVSS: 7.2EPSS: 0%CPEs: 624EXPL: 0CVE-2020-11252
https://notcve.org/view.php?id=CVE-2020-11252
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un código de inicialización Trustzone desactivará las xPU`s cuando se habiliten los volcados de la memoria y conllevará a una divulgación de información en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 404EXPL: 0CVE-2020-11245
https://notcve.org/view.php?id=CVE-2020-11245
Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Unas lecturas y escrituras involuntarias por parte de NS EL2 en el controlador de control de acceso debido a una falta de comprobación de la validación de la entrada en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 134EXPL: 0CVE-2020-11210
https://notcve.org/view.php?id=CVE-2020-11210
Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria en la región RPM debido a una configuración inapropiada de la XPU en los productos Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 262EXPL: 0CVE-2020-11228
https://notcve.org/view.php?id=CVE-2020-11228
Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Parte de la región RPM no estaba protegida de xblSec en sí debido a una política inapropiada y conlleva a un acceso sin privilegios en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin •