Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2020-11208

Published: 12/11/2020 Updated: 19/10/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Qualcomm

Vulnerability Summary

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm sd820_firmware -

qualcomm sd821_firmware -

qualcomm qcs603_firmware -

qualcomm qcs605_firmware -

qualcomm sda855_firmware -

qualcomm sa6155p_firmware -

qualcomm sa6145p_firmware -

qualcomm sa6155_firmware -

qualcomm sd855_firmware -

qualcomm sd675_firmware -

qualcomm sd660_firmware -

qualcomm sd429_firmware -

qualcomm sd439_firmware -

Recent Articles

What happens when holes perfect for spyware are found in the engine room of millions of Qualcomm-based phones? Let's find out
The Register • Thomas Claburn in San Francisco • 07 Aug 2020

Start the clock on those patches – they'll be coming any day, week, month soon As the world descends into madness, it's good to see some things never change: Monthly Android patches

DEF CON In July, the makers of millions of smartphones powered by Qualcomm's Snapdragon system-on-chips received mitigation recommendations to address a bevy of security flaws in their products, all introduced by Qualcomm's technology. Those software-level vulnerabilities, which apparently affect potentially more than 40 per cent of cellphones worldwide, were outlined this week at the now-virtual DEF CON hacking conference. Infosec experts at Check Point Research on Thursday reported finding mor...

Read more...

References

CWE-191https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletinhttps://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/https://nvd.nist.govhttps://www.theregister.co.uk/2020/08/07/qualcomm_chips_brimming_with_somewhat/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook