Lucene search

QualcommCVE-2020-11214

HistoryJan 21, 2021 - 10:15 a.m.

CVE-2020-11214

2021-01-2110:15:14

CWE-125

qualcomm

web.nvd.nist.gov

cve-2020-11214

buffer over-read

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer electronics connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon mobile

snapdragon voice & music

snapdragon wired infrastructure

networking

nvd

security advisory

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

38.9%

JSON

Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Affected configurations

Nvd

Node

qualcommaqt1000Match-

qualcommar8031Match-

qualcommar8035Match-

qualcommcsr8811Match-

qualcommcsra6620Match-

qualcommcsra6640Match-

qualcommcsrb31024Match-

qualcommipq5010Match-

qualcommipq5018Match-

qualcommipq6000Match-

qualcommipq6005Match-

qualcommipq6010Match-

qualcommipq6018Match-

qualcommipq6028Match-

qualcommipq8070Match-

qualcommipq8070aMatch-

qualcommipq8071Match-

qualcommipq8071aMatch-

qualcommipq8072Match-

qualcommipq8072aMatch-

qualcommipq8074Match-

qualcommipq8074aMatch-

qualcommipq8076Match-

qualcommipq8076aMatch-

qualcommipq8078Match-

qualcommipq8078aMatch-

qualcommipq8173Match-

qualcommipq8174Match-

qualcommmdm9206Match-

qualcommpm3003aMatch-

qualcommpm4125Match-

qualcommpm456Match-

qualcommpm6125Match-

qualcommpm6150Match-

qualcommpm6150aMatch-

qualcommpm6150lMatch-

qualcommpm6250Match-

qualcommpm6350Match-

qualcommpm640aMatch-

qualcommpm640lMatch-

qualcommpm640pMatch-

qualcommpm660Match-

qualcommpm660aMatch-

qualcommpm660lMatch-

qualcommpm7150aMatch-

qualcommpm7150lMatch-

qualcommpm7250Match-

qualcommpm7250bMatch-

qualcommpm8004Match-

qualcommpm8008Match-

qualcommpm8009Match-

qualcommpm8150Match-

qualcommpm8150aMatch-

qualcommpm8150bMatch-

qualcommpm8150cMatch-

qualcommpm8150lMatch-

qualcommpm8250Match-

qualcommpm8350Match-

qualcommpm8350bMatch-

qualcommpm8350bhMatch-

qualcommpm8350cMatch-

qualcommpm855Match-

qualcommpm855aMatch-

qualcommpm855bMatch-

qualcommpm855lMatch-

qualcommpm855pMatch-

qualcommpmc1000hMatch-

qualcommpmd9607Match-

qualcommpmd9655Match-

qualcommpmi632Match-

qualcommpmk8002Match-

qualcommpmk8003Match-

qualcommpmk8350Match-

qualcommpmm6155auMatch-

qualcommpmm8155auMatch-

qualcommpmm8195auMatch-

qualcommpmm855auMatch-

qualcommpmp8074Match-

qualcommpmr525Match-

qualcommpmr735aMatch-

qualcommpmr735bMatch-

qualcommpmx24Match-

qualcommpmx50Match-

qualcommpmx55Match-

qualcommqat3514Match-

qualcommqat3516Match-

qualcommqat3518Match-

qualcommqat3519Match-

qualcommqat3522Match-

qualcommqat3550Match-

qualcommqat3555Match-

qualcommqat5515Match-

qualcommqat5516Match-

qualcommqat5522Match-

qualcommqat5533Match-

qualcommqat5568Match-

qualcommqbt1500Match-

qualcommqbt2000Match-

qualcommqca4024Match-

qualcommqca6175aMatch-

qualcommqca6390Match-

qualcommqca6391Match-

qualcommqca6420Match-

qualcommqca6421Match-

qualcommqca6426Match-

qualcommqca6428Match-

qualcommqca6430Match-

qualcommqca6431Match-

qualcommqca6436Match-

qualcommqca6438Match-

qualcommqca6564aMatch-

qualcommqca6564auMatch-

qualcommqca6574Match-

qualcommqca6574aMatch-

qualcommqca6574auMatch-

qualcommqca6584auMatch-

qualcommqca6595Match-

qualcommqca6595auMatch-

qualcommqca6694Match-

qualcommqca6696Match-

qualcommqca8072Match-

qualcommqca8075Match-

qualcommqca8081Match-

qualcommqca8337Match-

qualcommqca9367Match-

qualcommqca9377Match-

qualcommqca9888Match-

qualcommqca9889Match-

qualcommqca9984Match-

qualcommqcm2290Match-

qualcommqcm4290Match-

qualcommqcm6125Match-

qualcommqcn5021Match-

qualcommqcn5022Match-

qualcommqcn5024Match-

qualcommqcn5052Match-

qualcommqcn5054Match-

qualcommqcn5064Match-

qualcommqcn5121Match-

qualcommqcn5122Match-

qualcommqcn5124Match-

qualcommqcn5152Match-

qualcommqcn5154Match-

qualcommqcn5164Match-

qualcommqcn5550Match-

qualcommqcn6023Match-

qualcommqcn6024Match-

qualcommqcn7605Match-

qualcommqcn7606Match-

qualcommqcn9000Match-

qualcommqcn9012Match-

qualcommqcn9022Match-

qualcommqcn9024Match-

qualcommqcn9070Match-

qualcommqcn9072Match-

qualcommqcn9074Match-

qualcommqcn9100Match-

qualcommqcs2290Match-

qualcommqcs405Match-

qualcommqcs410Match-

qualcommqcs4290Match-

qualcommqcs610Match-

qualcommqcs6125Match-

qualcommqdm2301Match-

qualcommqdm2302Match-

qualcommqdm2305Match-

qualcommqdm2307Match-

qualcommqdm2308Match-

qualcommqdm2310Match-

qualcommqdm3301Match-

qualcommqdm4643Match-

qualcommqdm4650Match-

qualcommqdm5620Match-

qualcommqdm5621Match-

qualcommqdm5650Match-

qualcommqdm5652Match-

qualcommqdm5670Match-

qualcommqdm5671Match-

qualcommqdm5677Match-

qualcommqdm5679Match-

qualcommqet4100Match-

qualcommqet4101Match-

qualcommqet4200aqMatch-

qualcommqet5100Match-

qualcommqet5100mMatch-

qualcommqet6100Match-

qualcommqet6110Match-

qualcommqfs2530Match-

qualcommqfs2580Match-

qualcommqfs2608Match-

qualcommqfs2630Match-

qualcommqln1021aqMatch-

qualcommqln1031Match-

qualcommqln1036aqMatch-

qualcommqln4640Match-

qualcommqln4642Match-

qualcommqln4650Match-

qualcommqln5020Match-

qualcommqln5030Match-

qualcommqln5040Match-

qualcommqpa2625Match-

qualcommqpa4340Match-

qualcommqpa4360Match-

qualcommqpa4361Match-

qualcommqpa5461Match-

qualcommqpa5580Match-

qualcommqpa5581Match-

qualcommqpa6560Match-

qualcommqpa8673Match-

qualcommqpa8675Match-

qualcommqpa8686Match-

qualcommqpa8688Match-

qualcommqpa8801Match-

qualcommqpa8802Match-

qualcommqpa8803Match-

qualcommqpa8821Match-

qualcommqpa8842Match-

qualcommqpm4621Match-

qualcommqpm4630Match-

qualcommqpm4640Match-

qualcommqpm4641Match-

qualcommqpm4650Match-

qualcommqpm5541Match-

qualcommqpm5577Match-

qualcommqpm5579Match-

qualcommqpm5620Match-

qualcommqpm5621Match-

qualcommqpm5641Match-

qualcommqpm5657Match-

qualcommqpm5658Match-

qualcommqpm5670Match-

qualcommqpm5677Match-

qualcommqpm5679Match-

qualcommqpm5870Match-

qualcommqpm5875Match-

qualcommqpm6325Match-

qualcommqpm6375Match-

qualcommqpm6582Match-

qualcommqpm6585Match-

qualcommqpm6621Match-

qualcommqpm6670Match-

qualcommqpm8820Match-

qualcommqpm8830Match-

qualcommqpm8870Match-

qualcommqpm8895Match-

qualcommqsm7250Match-

qualcommqsw6310Match-

qualcommqsw8573Match-

qualcommqsw8574Match-

qualcommqtc410sMatch-

qualcommqtc800hMatch-

qualcommqtc800sMatch-

qualcommqtc801sMatch-

qualcommqtm525Match-

qualcommqtm527Match-

qualcommrsw8577Match-

qualcommsa415mMatch-

qualcommsa515mMatch-

qualcommsa6145pMatch-

qualcommsa6150pMatch-

qualcommsa6155Match-

qualcommsa6155pMatch-

qualcommsa8150pMatch-

qualcommsa8155Match-

qualcommsa8155pMatch-

qualcommsa8195pMatch-

qualcommsd460Match-

qualcommsd660Match-

qualcommsd662Match-

qualcommsd665Match-

qualcommsd675Match-

qualcommsd6905gMatch-

qualcommsd720gMatch-

qualcommsd730Match-

qualcommsd750gMatch-

qualcommsd765Match-

qualcommsd765gMatch-

qualcommsd768gMatch-

qualcommsd7cMatch-

qualcommsd855Match-

qualcommsd8655gMatch-

qualcommsd8885gMatch-

qualcommsd8cMatch-

qualcommsd8cxMatch-

qualcommsdr051Match-

qualcommsdr052Match-

qualcommsdr425Match-

qualcommsdr660Match-

qualcommsdr660gMatch-

qualcommsdr675Match-

qualcommsdr735Match-

qualcommsdr735gMatch-

qualcommsdr8150Match-

qualcommsdr8250Match-

qualcommsdr865Match-

qualcommsdx50mMatch-

qualcommsdx55Match-

qualcommsdx55mMatch-

qualcommsdxr25gMatch-

qualcommsm4125Match-

qualcommsm4350Match-

qualcommsm6250Match-

qualcommsm6250pMatch-

qualcommsm7250pMatch-

qualcommsmb1351Match-

qualcommsmb1354Match-

qualcommsmb1355Match-

qualcommsmb1381Match-

qualcommsmb1390Match-

qualcommsmb1395Match-

qualcommsmb1396Match-

qualcommsmb1398Match-

qualcommsmb231Match-

qualcommsmb2351Match-

qualcommsmr525Match-

qualcommsmr526Match-

qualcommsmr545Match-

qualcommsmr546Match-

qualcommwcd9330Match-

qualcommwcd9335Match-

qualcommwcd9340Match-

qualcommwcd9341Match-

qualcommwcd9360Match-

qualcommwcd9370Match-

qualcommwcd9371Match-

qualcommwcd9375Match-

qualcommwcd9380Match-

qualcommwcd9385Match-

qualcommwcn3910Match-

qualcommwcn3950Match-

qualcommwcn3980Match-

qualcommwcn3988Match-

qualcommwcn3990Match-

qualcommwcn3991Match-

qualcommwcn3998Match-

qualcommwcn3999Match-

qualcommwcn6750Match-

qualcommwcn6850Match-

qualcommwcn6851Match-

qualcommwcn6855Match-

qualcommwcn6856Match-

qualcommwgr7640Match-

qualcommwhs9410Match-

qualcommwsa8810Match-

qualcommwsa8815Match-

qualcommwsa8830Match-

qualcommwsa8835Match-

qualcommwtr2965Match-

qualcommwtr3925Match-

VendorProductVersionCPE
qualcommaqt1000-cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
qualcommar8031-cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
qualcommar8035-cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
qualcommcsr8811-cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*
qualcommcsra6620-cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
qualcommcsra6640-cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
qualcommcsrb31024-cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*
qualcommipq5010-cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*
qualcommipq5018-cpe:2.3:h:qualcomm:ipq5018:-:*:*:*:*:*:*:*
qualcommipq6000-cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	aqt1000	-	cpe:2.3:h:qualcomm:aqt1000:-:::::::*
qualcomm	ar8031	-	cpe:2.3:h:qualcomm:ar8031:-:::::::*
qualcomm	ar8035	-	cpe:2.3:h:qualcomm:ar8035:-:::::::*
qualcomm	csr8811	-	cpe:2.3:h:qualcomm:csr8811:-:::::::*
qualcomm	csra6620	-	cpe:2.3:h:qualcomm:csra6620:-:::::::*
qualcomm	csra6640	-	cpe:2.3:h:qualcomm:csra6640:-:::::::*
qualcomm	csrb31024	-	cpe:2.3:h:qualcomm:csrb31024:-:::::::*
qualcomm	ipq5010	-	cpe:2.3:h:qualcomm:ipq5010:-:::::::*
qualcomm	ipq5018	-	cpe:2.3:h:qualcomm:ipq5018:-:::::::*
qualcomm	ipq6000	-	cpe:2.3:h:qualcomm:ipq6000:-:::::::*

Rows per page:

1-10 of 3491

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AQT1000, AR8031, AR8035, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9206, PM3003A, PM4125, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8008, PM8009, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PMC1000H, PMD9607, PMD9655, PMI632, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMP8074, PMR525, PMR735A, PMR735B, PMX24, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1500, QBT2000, QCA4024, QCA6175A, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564A, QCA6564AU, QCA6574, QCA65 ...[truncated*]"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

38.9%

JSON

Related for CVE-2020-11214