CVE-2020-11209
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
Una autorización inapropiada en el proceso DSP podrÃa permitir a los usuarios no autorizados degradar las versiones de la biblioteca en versiones SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-03-31 CVE Reserved
- 2020-11-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin | 2021-12-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Sd820 Firmware Search vendor "Qualcomm" for product "Sd820 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd820 Search vendor "Qualcomm" for product "Sd820" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd821 Firmware Search vendor "Qualcomm" for product "Sd821 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd821 Search vendor "Qualcomm" for product "Sd821" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs603 Firmware Search vendor "Qualcomm" for product "Qcs603 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs603 Search vendor "Qualcomm" for product "Qcs603" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs605 Firmware Search vendor "Qualcomm" for product "Qcs605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs605 Search vendor "Qualcomm" for product "Qcs605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sda855 Firmware Search vendor "Qualcomm" for product "Sda855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sda855 Search vendor "Qualcomm" for product "Sda855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6145p Firmware Search vendor "Qualcomm" for product "Sa6145p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6145p Search vendor "Qualcomm" for product "Sa6145p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155 Firmware Search vendor "Qualcomm" for product "Sa6155 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155 Search vendor "Qualcomm" for product "Sa6155" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd855 Firmware Search vendor "Qualcomm" for product "Sd855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd855 Search vendor "Qualcomm" for product "Sd855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd 675 Firmware Search vendor "Qualcomm" for product "Sd 675 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd 675 Search vendor "Qualcomm" for product "Sd 675" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd660 Firmware Search vendor "Qualcomm" for product "Sd660 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd660 Search vendor "Qualcomm" for product "Sd660" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd429 Firmware Search vendor "Qualcomm" for product "Sd429 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd429 Search vendor "Qualcomm" for product "Sd429" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd439 Firmware Search vendor "Qualcomm" for product "Sd439 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd439 Search vendor "Qualcomm" for product "Sd439" | - | - |
Safe
|