CVE-2020-11202
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P
Un desbordamiento y subdesbordamiento del búfer se produce al encasillar el búfer pasado por la CPU internamente en la biblioteca que no está alineado con el tamaño real de la estructura' en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile en QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-03-31 CVE Reserved
- 2020-11-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin | 2021-12-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Qcm6125 Firmware Search vendor "Qualcomm" for product "Qcm6125 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcm6125 Search vendor "Qualcomm" for product "Qcm6125" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs410 Firmware Search vendor "Qualcomm" for product "Qcs410 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs410 Search vendor "Qualcomm" for product "Qcs410" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs603 Firmware Search vendor "Qualcomm" for product "Qcs603 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs603 Search vendor "Qualcomm" for product "Qcs603" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs610 Firmware Search vendor "Qualcomm" for product "Qcs610 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs610 Search vendor "Qualcomm" for product "Qcs610" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs6125 Firmware Search vendor "Qualcomm" for product "Qcs6125 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs6125 Search vendor "Qualcomm" for product "Qcs6125" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6145p Firmware Search vendor "Qualcomm" for product "Sa6145p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6145p Search vendor "Qualcomm" for product "Sa6145p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155 Firmware Search vendor "Qualcomm" for product "Sa6155 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155 Search vendor "Qualcomm" for product "Sa6155" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa8155 Firmware Search vendor "Qualcomm" for product "Sa8155 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa8155 Search vendor "Qualcomm" for product "Sa8155" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa8155p Firmware Search vendor "Qualcomm" for product "Sa8155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa8155p Search vendor "Qualcomm" for product "Sa8155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda640 Firmware Search vendor "Qualcomm" for product "Sda640 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda640 Search vendor "Qualcomm" for product "Sda640" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda670 Firmware Search vendor "Qualcomm" for product "Sda670 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda670 Search vendor "Qualcomm" for product "Sda670" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda845 Firmware Search vendor "Qualcomm" for product "Sda845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda845 Search vendor "Qualcomm" for product "Sda845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm640 Firmware Search vendor "Qualcomm" for product "Sdm640 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm640 Search vendor "Qualcomm" for product "Sdm640" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm670 Firmware Search vendor "Qualcomm" for product "Sdm670 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm670 Search vendor "Qualcomm" for product "Sdm670" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm710 Firmware Search vendor "Qualcomm" for product "Sdm710 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm710 Search vendor "Qualcomm" for product "Sdm710" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm830 Firmware Search vendor "Qualcomm" for product "Sdm830 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm830 Search vendor "Qualcomm" for product "Sdm830" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdm845 Firmware Search vendor "Qualcomm" for product "Sdm845 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdm845 Search vendor "Qualcomm" for product "Sdm845" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx50m Firmware Search vendor "Qualcomm" for product "Sdx50m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx50m Search vendor "Qualcomm" for product "Sdx50m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55 Firmware Search vendor "Qualcomm" for product "Sdx55 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55 Search vendor "Qualcomm" for product "Sdx55" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55m Firmware Search vendor "Qualcomm" for product "Sdx55m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55m Search vendor "Qualcomm" for product "Sdx55m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6125 Firmware Search vendor "Qualcomm" for product "Sm6125 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6125 Search vendor "Qualcomm" for product "Sm6125" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6150 Firmware Search vendor "Qualcomm" for product "Sm6150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6150 Search vendor "Qualcomm" for product "Sm6150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6150p Firmware Search vendor "Qualcomm" for product "Sm6150p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6150p Search vendor "Qualcomm" for product "Sm6150p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6250 Firmware Search vendor "Qualcomm" for product "Sm6250 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6250 Search vendor "Qualcomm" for product "Sm6250" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm6250p Firmware Search vendor "Qualcomm" for product "Sm6250p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm6250p Search vendor "Qualcomm" for product "Sm6250p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7125 Firmware Search vendor "Qualcomm" for product "Sm7125 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7125 Search vendor "Qualcomm" for product "Sm7125" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7150 Firmware Search vendor "Qualcomm" for product "Sm7150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7150 Search vendor "Qualcomm" for product "Sm7150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm7150p Firmware Search vendor "Qualcomm" for product "Sm7150p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm7150p Search vendor "Qualcomm" for product "Sm7150p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8150 Firmware Search vendor "Qualcomm" for product "Sm8150 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8150 Search vendor "Qualcomm" for product "Sm8150" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8150p Firmware Search vendor "Qualcomm" for product "Sm8150p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8150p Search vendor "Qualcomm" for product "Sm8150p" | - | - |
Safe
|