Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2020-11292

Published: 09/06/2021 Updated: 15/06/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Qualcomm

Vulnerability Summary

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm apq8009_firmware -

qualcomm apq8009w_firmware -

qualcomm apq8017_firmware -

qualcomm apq8037_firmware -

qualcomm apq8053_firmware -

qualcomm apq8084_firmware -

qualcomm apq8096au_firmware -

qualcomm aqt1000_firmware -

qualcomm ar6003_firmware -

qualcomm csr6030_firmware -

qualcomm csrb31024_firmware -

qualcomm mdm8207_firmware -

qualcomm mdm8215_firmware -

qualcomm mdm8215m_firmware -

qualcomm mdm8615m_firmware -

qualcomm mdm9150_firmware -

qualcomm mdm9205_firmware -

qualcomm mdm9206_firmware -

qualcomm mdm9207_firmware -

qualcomm mdm9215_firmware -

qualcomm mdm9230_firmware -

qualcomm mdm9250_firmware -

qualcomm mdm9310_firmware -

qualcomm mdm9330_firmware -

qualcomm mdm9607_firmware -

qualcomm mdm9615_firmware -

qualcomm mdm9615m_firmware -

qualcomm mdm9625_firmware -

qualcomm mdm9628_firmware -

qualcomm mdm9630_firmware -

qualcomm mdm9635m_firmware -

qualcomm mdm9640_firmware -

qualcomm mdm9645_firmware -

qualcomm mdm9650_firmware -

qualcomm mdm9655_firmware -

qualcomm msm8108_firmware -

qualcomm msm8208_firmware -

qualcomm msm8209_firmware -

qualcomm msm8608_firmware -

qualcomm msm8909w_firmware -

qualcomm msm8917_firmware -

qualcomm msm8920_firmware -

qualcomm msm8937_firmware -

qualcomm msm8940_firmware -

qualcomm msm8953_firmware -

qualcomm msm8976_firmware -

qualcomm msm8976sg_firmware -

qualcomm msm8996au_firmware -

qualcomm qca1990_firmware -

qualcomm qca4004_firmware -

qualcomm qca6174_firmware -

qualcomm qca6174a_firmware -

qualcomm qca6310_firmware -

qualcomm qca6320_firmware -

qualcomm qca6335_firmware -

qualcomm qca6390_firmware -

qualcomm qca6391_firmware -

qualcomm qca6420_firmware -

qualcomm qca6421_firmware -

qualcomm qca6426_firmware -

qualcomm qca6430_firmware -

qualcomm qca6431_firmware -

qualcomm qca6436_firmware -

qualcomm qca6564a_firmware -

qualcomm qca6564au_firmware -

qualcomm qca6574_firmware -

qualcomm qca6574a_firmware -

qualcomm qca6574au_firmware -

qualcomm qca6584_firmware -

qualcomm qca6584au_firmware -

qualcomm qca6595au_firmware -

qualcomm qca6694_firmware -

qualcomm qca6694au_firmware -

qualcomm qca6696_firmware -

qualcomm qca9367_firmware -

qualcomm qca9377_firmware -

qualcomm qca9379_firmware -

qualcomm qcm4290_firmware -

qualcomm qcm6125_firmware -

qualcomm qcs410_firmware -

qualcomm qcs4290_firmware -

qualcomm qcs603_firmware -

qualcomm qcs605_firmware -

qualcomm qcs610_firmware -

qualcomm qcs6125_firmware -

qualcomm qet4101_firmware -

qualcomm qsw8573_firmware -

qualcomm qualcomm215_firmware -

qualcomm sa415m_firmware -

qualcomm sa515m_firmware -

qualcomm sa8155_firmware -

qualcomm sa8155p_firmware -

qualcomm sc8180x\\+sdx55_firmware -

qualcomm sd_455_firmware -

qualcomm sd_636_firmware -

qualcomm sd_675_firmware -

qualcomm sd_8c_firmware -

qualcomm sd_8cx_firmware -

qualcomm sd205_firmware -

qualcomm sd210_firmware -

qualcomm sd429_firmware -

qualcomm sd439_firmware -

qualcomm sd450_firmware -

qualcomm sd480_firmware -

qualcomm sd632_firmware -

qualcomm sd660_firmware -

qualcomm sd665_firmware -

qualcomm sd670_firmware -

qualcomm sd675_firmware -

qualcomm sd678_firmware -

qualcomm sd690_5g_firmware -

qualcomm sd710_firmware -

qualcomm sd712_firmware -

qualcomm sd720g_firmware -

qualcomm sd730_firmware -

qualcomm sd750g_firmware -

qualcomm sd765_firmware -

qualcomm sd765g_firmware -

qualcomm sd768g_firmware -

qualcomm sd820_firmware -

qualcomm sd821_firmware -

qualcomm sd835_firmware -

qualcomm sd845_firmware -

qualcomm sd850_firmware -

qualcomm sd855_firmware -

qualcomm sd865_5g_firmware -

qualcomm sd870_firmware -

qualcomm sd888_5g_firmware -

qualcomm sda429w_firmware -

qualcomm sdm429w_firmware -

qualcomm sdm630_firmware -

qualcomm sdw2500_firmware -

qualcomm sdx20_firmware -

qualcomm sdx24_firmware -

qualcomm sdx50m_firmware -

qualcomm sdx55_firmware -

qualcomm sdx55m_firmware -

qualcomm sdxr1_firmware -

qualcomm sdxr2_5g_firmware -

qualcomm sm6250_firmware -

qualcomm sm6250p_firmware -

qualcomm sm7250p_firmware -

qualcomm wcd9306_firmware -

qualcomm wcd9326_firmware -

qualcomm wcd9330_firmware -

qualcomm wcd9335_firmware -

qualcomm wcd9340_firmware -

qualcomm wcd9341_firmware -

qualcomm wcd9360_firmware -

qualcomm wcd9370_firmware -

qualcomm wcd9371_firmware -

qualcomm wcd9375_firmware -

qualcomm wcd9380_firmware -

qualcomm wcd9385_firmware -

qualcomm wcn3610_firmware -

qualcomm wcn3615_firmware -

qualcomm wcn3620_firmware -

qualcomm wcn3660_firmware -

qualcomm wcn3660b_firmware -

qualcomm wcn3680_firmware -

qualcomm wcn3680b_firmware -

qualcomm wcn3910_firmware -

qualcomm wcn3950_firmware -

qualcomm wcn3980_firmware -

qualcomm wcn3988_firmware -

qualcomm wcn3990_firmware -

qualcomm wcn3991_firmware -

qualcomm wcn3998_firmware -

qualcomm wcn6850_firmware -

qualcomm wcn6851_firmware -

qualcomm wcn6855_firmware -

qualcomm wcn6856_firmware -

qualcomm whs9410_firmware -

qualcomm wsa8810_firmware -

qualcomm wsa8815_firmware -

qualcomm wsa8830_firmware -

qualcomm wsa8835_firmware -

Recent Articles

Qualcomm Snapdragon 855 modem code flaw exposed Android smartphones to possible snooping
The Register • Gareth Corfield • 06 May 2021

Good thing researchers spotted it, no evidence of exploit in the wild

A heap overflow vulnerability in Qualcomm's Snapdragon 855 system-on-chip modem firmware, used in Android devices, could be exploited by baddies to run arbitrary code on unsuspecting users' devices, according to Check Point. The software bug, tracked as CVE-2020-11292, can be abused to trigger a heap overflow in devices that use a Qualcomm Mobile Station Modem (MSM) chip, thanks to some in-depth jiggery-pokery in the Qualcomm MSM Interface (QMI) voice service API. "If exploited, the vulnerabilit...

Read more...

References

CWE-120https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletinhttps://nvd.nist.govhttps://www.theregister.co.uk/2021/05/06/qualcomm_snapdragon_855_heap_overflow/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook