CVE-2020-11208
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
Un Problema fuera de límites en los servicios DSP mientras se procesan los argumentos recibidos debido a una comprobación inapropiada de la longitud recibida como argumento en versiones SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-03-31 CVE Reserved
- 2020-11-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-191: Integer Underflow (Wrap or Wraparound)
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin | 2022-10-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Sd820 Firmware Search vendor "Qualcomm" for product "Sd820 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd820 Search vendor "Qualcomm" for product "Sd820" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd821 Firmware Search vendor "Qualcomm" for product "Sd821 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd821 Search vendor "Qualcomm" for product "Sd821" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs603 Firmware Search vendor "Qualcomm" for product "Qcs603 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs603 Search vendor "Qualcomm" for product "Qcs603" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda855 Firmware Search vendor "Qualcomm" for product "Sda855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda855 Search vendor "Qualcomm" for product "Sda855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6145p Firmware Search vendor "Qualcomm" for product "Sa6145p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6145p Search vendor "Qualcomm" for product "Sa6145p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155 Firmware Search vendor "Qualcomm" for product "Sa6155 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155 Search vendor "Qualcomm" for product "Sa6155" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd855 Firmware Search vendor "Qualcomm" for product "Sd855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd855 Search vendor "Qualcomm" for product "Sd855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd675 Firmware Search vendor "Qualcomm" for product "Sd675 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd675 Search vendor "Qualcomm" for product "Sd675" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd660 Firmware Search vendor "Qualcomm" for product "Sd660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd660 Search vendor "Qualcomm" for product "Sd660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd429 Firmware Search vendor "Qualcomm" for product "Sd429 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd429 Search vendor "Qualcomm" for product "Sd429" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd439 Firmware Search vendor "Qualcomm" for product "Sd439 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd439 Search vendor "Qualcomm" for product "Sd439" | - | - |
Safe
|