Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveQualcommCVE-2020-11117
HistorySep 08, 2020 - 10:15 a.m.

CVE-2020-11117

2020-09-0810:15:14
CWE-77
qualcomm
web.nvd.nist.gov
47
nvd
cve-2020-11117
lbd service
remote code execution
snapdragon
ipq4019
ipq6018
ipq8064
ipq8074
qca4531
qca9531
qca9980

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

u’In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.’ in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980

Affected configurations

Nvd
Node
qualcommipq4019_firmwareMatch-
AND
qualcommipq4019Match-
Node
qualcommipq6018_firmwareMatch-
AND
qualcommipq6018Match-
Node
qualcommipq8064_firmwareMatch-
AND
qualcommipq8064Match-
Node
qualcommipq8074_firmwareMatch-
AND
qualcommipq8074Match-
Node
qualcommqca4531_firmwareMatch-
AND
qualcommqca4531Match-
Node
qualcommqca9531_firmwareMatch-
AND
qualcommqca9531Match-
Node
qualcommqca9980_firmwareMatch-
AND
qualcommqca9980Match-
VendorProductVersionCPE
qualcommipq4019_firmware-cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
qualcommipq4019-cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*
qualcommipq6018_firmware-cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*
qualcommipq6018-cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*
qualcommipq8064_firmware-cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*
qualcommipq8064-cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*
qualcommipq8074_firmware-cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
qualcommipq8074-cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
qualcommqca4531_firmware-cpe:2.3:o:qualcomm:qca4531_firmware:-:*:*:*:*:*:*:*
qualcommqca4531-cpe:2.3:h:qualcomm:qca4531:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 141

CNA Affected

[
  {
    "product": "Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980"
      }
    ]
  }
]

Related

nvd 1
prion 1
checkpoint_advisories 1
cvelist 1
talos 1
talosblog 1
nvd
nvd
CVE-2020-11117
2020-09-08 10:15:14
prion
prion
Remote code execution
2020-09-08 10:15:00
checkpoint_advisories
checkpoint_advisories
Qualcomm Snapdragon Remote Code Execution (CVE-2020-11117)
2022-07-26 00:00:00
cvelist
cvelist
CVE-2020-11117
2020-09-08 09:31:35
talos
talos
Synology SRM lbd service Command Execution Vulnerability
2020-10-29 00:00:00
talosblog
talosblog
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
2023-08-02 12:00:19

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON
Related for CVE-2020-11117
nvd1prion1checkpoint_advisories1cvelist1talos1talosblog1