CVE-2020-11141
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250
Un problema de lectura excesiva del búfer en la pila de Bluetooth debido a una falta de comprobación para la longitud no válida de una petición de configuración L2cap recibida desde el dispositivo peer. En los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking en versiones APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-03-31 CVE Reserved
- 2020-11-02 CVE Published
- 2023-06-09 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-125: Out-of-bounds Read
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Apq8009 Firmware Search vendor "Qualcomm" for product "Apq8009 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8009 Search vendor "Qualcomm" for product "Apq8009" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Apq8053 Firmware Search vendor "Qualcomm" for product "Apq8053 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Apq8053 Search vendor "Qualcomm" for product "Apq8053" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6390 Firmware Search vendor "Qualcomm" for product "Qca6390 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6390 Search vendor "Qualcomm" for product "Qca6390" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcn7605 Firmware Search vendor "Qualcomm" for product "Qcn7605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcn7605 Search vendor "Qualcomm" for product "Qcn7605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa415m Firmware Search vendor "Qualcomm" for product "Sa415m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa415m Search vendor "Qualcomm" for product "Sa415m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa515m Firmware Search vendor "Qualcomm" for product "Sa515m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa515m Search vendor "Qualcomm" for product "Sa515m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55 Firmware Search vendor "Qualcomm" for product "Sdx55 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55 Search vendor "Qualcomm" for product "Sdx55" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8250 Firmware Search vendor "Qualcomm" for product "Sm8250 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8250 Search vendor "Qualcomm" for product "Sm8250" | - | - |
Safe
|