Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2020-11201

Published: 12/11/2020 Updated: 30/12/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm qcm6125_firmware -

qualcomm qcs410_firmware -

qualcomm qcs603_firmware -

qualcomm qcs605_firmware -

qualcomm qcs610_firmware -

qualcomm qcs6125_firmware -

qualcomm sa6145p_firmware -

qualcomm sa6155_firmware -

qualcomm sa6155p_firmware -

qualcomm sa8155_firmware -

qualcomm sa8155p_firmware -

qualcomm sda640_firmware -

qualcomm sda845_firmware -

qualcomm sdm640_firmware -

qualcomm sdm830_firmware -

qualcomm sdm845_firmware -

qualcomm sdx50m_firmware -

qualcomm sdx55_firmware -

qualcomm sdx55m_firmware -

qualcomm sm6125_firmware -

qualcomm sm6150_firmware -

qualcomm sm6250_firmware -

qualcomm sm6250p_firmware -

qualcomm sm7125_firmware -

qualcomm sm7150_firmware -

qualcomm sm7150p_firmware -

qualcomm sm8150_firmware -

qualcomm sm8150p_firmware -

Recent Articles

What happens when holes perfect for spyware are found in the engine room of millions of Qualcomm-based phones? Let's find out
The Register • Thomas Claburn in San Francisco • 07 Aug 2020

Start the clock on those patches – they'll be coming any day, week, month soon As the world descends into madness, it's good to see some things never change: Monthly Android patches

DEF CON In July, the makers of millions of smartphones powered by Qualcomm's Snapdragon system-on-chips received mitigation recommendations to address a bevy of security flaws in their products, all introduced by Qualcomm's technology. Those software-level vulnerabilities, which apparently affect potentially more than 40 per cent of cellphones worldwide, were outlined this week at the now-virtual DEF CON hacking conference. Infosec experts at Check Point Research on Thursday reported finding mor...

Read more...

References

CWE-20https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletinhttps://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/https://nvd.nist.govhttps://www.theregister.co.uk/2020/08/07/qualcomm_chips_brimming_with_somewhat/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook