CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVSS v3 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:qualcomm:apq8009:-:::::::*
	cpe:2.3:h:qualcomm:apq8009w:-:::::::*
	cpe:2.3:h:qualcomm:apq8017:-:::::::*
	cpe:2.3:h:qualcomm:apq8037:-:::::::*
	cpe:2.3:h:qualcomm:apq8053:-:::::::*
	cpe:2.3:h:qualcomm:apq8096au:-:::::::*
	cpe:2.3:h:qualcomm:ar8151:-:::::::*
	cpe:2.3:h:qualcomm:mdm9206:-:::::::*
	cpe:2.3:h:qualcomm:mdm9250:-:::::::*
	cpe:2.3:h:qualcomm:mdm9650:-:::::::*
	cpe:2.3:h:qualcomm:mdm9655:-:::::::*
	cpe:2.3:h:qualcomm:msm8909w:-:::::::*
	cpe:2.3:h:qualcomm:msm8917:-:::::::*
	cpe:2.3:h:qualcomm:msm8920:-:::::::*
	cpe:2.3:h:qualcomm:msm8937:-:::::::*
	cpe:2.3:h:qualcomm:msm8940:-:::::::*
	cpe:2.3:h:qualcomm:msm8953:-:::::::*
	cpe:2.3:h:qualcomm:msm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pm215:-:::::::*
	cpe:2.3:h:qualcomm:pm439:-:::::::*
	cpe:2.3:h:qualcomm:pm660:-:::::::*
	cpe:2.3:h:qualcomm:pm660a:-:::::::*
	cpe:2.3:h:qualcomm:pm660l:-:::::::*
	cpe:2.3:h:qualcomm:pm8004:-:::::::*
	cpe:2.3:h:qualcomm:pm8005:-:::::::*
	cpe:2.3:h:qualcomm:pm855a:-:::::::*
	cpe:2.3:h:qualcomm:pm8909:-:::::::*
	cpe:2.3:h:qualcomm:pm8916:-:::::::*
	cpe:2.3:h:qualcomm:pm8937:-:::::::*
	cpe:2.3:h:qualcomm:pm8940:-:::::::*
	cpe:2.3:h:qualcomm:pm8953:-:::::::*
	cpe:2.3:h:qualcomm:pm8996:-:::::::*
	cpe:2.3:h:qualcomm:pm8998:-:::::::*
	cpe:2.3:h:qualcomm:pmd9607:-:::::::*
	cpe:2.3:h:qualcomm:pmd9655:-:::::::*
	cpe:2.3:h:qualcomm:pmi632:-:::::::*
	cpe:2.3:h:qualcomm:pmi8937:-:::::::*
	cpe:2.3:h:qualcomm:pmi8940:-:::::::*
	cpe:2.3:h:qualcomm:pmi8952:-:::::::*
	cpe:2.3:h:qualcomm:pmi8994:-:::::::*
	cpe:2.3:h:qualcomm:pmi8996:-:::::::*
	cpe:2.3:h:qualcomm:pmi8998:-:::::::*
	cpe:2.3:h:qualcomm:pmk8001:-:::::::*
	cpe:2.3:h:qualcomm:pmm855au:-:::::::*
	cpe:2.3:h:qualcomm:pmm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pmx20:-:::::::*
	cpe:2.3:h:qualcomm:qat3514:-:::::::*
	cpe:2.3:h:qualcomm:qat3522:-:::::::*
	cpe:2.3:h:qualcomm:qat3550:-:::::::*
	cpe:2.3:h:qualcomm:qbt1000:-:::::::*
	cpe:2.3:h:qualcomm:qbt1500:-:::::::*
	cpe:2.3:h:qualcomm:qca6174a:-:::::::*
	cpe:2.3:h:qualcomm:qca6310:-:::::::*
	cpe:2.3:h:qualcomm:qca6320:-:::::::*
	cpe:2.3:h:qualcomm:qca6564a:-:::::::*
	cpe:2.3:h:qualcomm:qca6564au:-:::::::*
	cpe:2.3:h:qualcomm:qca6574a:-:::::::*
	cpe:2.3:h:qualcomm:qca6574au:-:::::::*
	cpe:2.3:h:qualcomm:qca6595:-:::::::*
	cpe:2.3:h:qualcomm:qca6595au:-:::::::*
	cpe:2.3:h:qualcomm:qca9367:-:::::::*
	cpe:2.3:h:qualcomm:qca9377:-:::::::*
	cpe:2.3:h:qualcomm:qca9379:-:::::::*
	cpe:2.3:h:qualcomm:qcc1110:-:::::::*
cpe:2.3:h:qualcomm:qet4100:-:::::::*
cpe:2.3:h:qualcomm:qet4101:-:::::::*
cpe:2.3:h:qualcomm:qet4200aq:-:::::::*
cpe:2.3:h:qualcomm:qet5100:-:::::::*
cpe:2.3:h:qualcomm:qfe2080fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2081fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2082fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2101:-:::::::*
cpe:2.3:h:qualcomm:qfe2550:-:::::::*
cpe:2.3:h:qualcomm:qfe3100:-:::::::*
cpe:2.3:h:qualcomm:qfe3440fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4301:-:::::::*
cpe:2.3:h:qualcomm:qfe4302:-:::::::*
cpe:2.3:h:qualcomm:qfe4303:-:::::::*
cpe:2.3:h:qualcomm:qfe4305:-:::::::*
cpe:2.3:h:qualcomm:qfe4308:-:::::::*
cpe:2.3:h:qualcomm:qfe4309:-:::::::*
cpe:2.3:h:qualcomm:qfe4320:-:::::::*
cpe:2.3:h:qualcomm:qfe4373fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4455fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4465fc:-:::::::*
cpe:2.3:h:qualcomm:qln1021aq:-:::::::*
cpe:2.3:h:qualcomm:qln1030:-:::::::*
cpe:2.3:h:qualcomm:qln1031:-:::::::*
cpe:2.3:h:qualcomm:qln1035bd:-:::::::*
cpe:2.3:h:qualcomm:qln1036aq:-:::::::*
cpe:2.3:h:qualcomm:qpa4340:-:::::::*
cpe:2.3:h:qualcomm:qpa4360:-:::::::*
cpe:2.3:h:qualcomm:qpa5373:-:::::::*
cpe:2.3:h:qualcomm:qpa5460:-:::::::*
cpe:2.3:h:qualcomm:qsw8573:-:::::::*
cpe:2.3:h:qualcomm:qtc800h:-:::::::*
cpe:2.3:h:qualcomm:qtc800s:-:::::::*
cpe:2.3:h:qualcomm:qtc800t:-:::::::*
cpe:2.3:h:qualcomm:qtc801s:-:::::::*
cpe:2.3:h:qualcomm:qualcomm215:-:::::::*
cpe:2.3:h:qualcomm:rgr7640au:-:::::::*
cpe:2.3:h:qualcomm:rsw8577:-:::::::*
cpe:2.3:h:qualcomm:sd439:-:::::::*
cpe:2.3:h:qualcomm:sd450:-:::::::*
cpe:2.3:h:qualcomm:sd636:-:::::::*
cpe:2.3:h:qualcomm:sd660:-:::::::*
cpe:2.3:h:qualcomm:sd710:-:::::::*
cpe:2.3:h:qualcomm:sd712:-:::::::*
cpe:2.3:h:qualcomm:sd820:-:::::::*
cpe:2.3:h:qualcomm:sd821:-:::::::*
cpe:2.3:h:qualcomm:sd835:-:::::::*
cpe:2.3:h:qualcomm:sdm630:-:::::::*
cpe:2.3:h:qualcomm:sdm830:-:::::::*
cpe:2.3:h:qualcomm:sdr051:-:::::::*
cpe:2.3:h:qualcomm:sdr052:-:::::::*
cpe:2.3:h:qualcomm:sdr660:-:::::::*
cpe:2.3:h:qualcomm:sdw2500:-:::::::*
cpe:2.3:h:qualcomm:sdw3100:-:::::::*
cpe:2.3:h:qualcomm:sdx20:-:::::::*
cpe:2.3:h:qualcomm:sdx20m:-:::::::*
cpe:2.3:h:qualcomm:sdx50m:-:::::::*
cpe:2.3:h:qualcomm:smb1350:-:::::::*
cpe:2.3:h:qualcomm:smb1351:-:::::::*
cpe:2.3:h:qualcomm:smb1355:-:::::::*
cpe:2.3:h:qualcomm:smb1357:-:::::::*
cpe:2.3:h:qualcomm:smb1358:-:::::::*
cpe:2.3:h:qualcomm:smb1360:-:::::::*
cpe:2.3:h:qualcomm:smb1380:-:::::::*
cpe:2.3:h:qualcomm:smb231:-:::::::*
cpe:2.3:h:qualcomm:wcd9326:-:::::::*
cpe:2.3:h:qualcomm:wcd9330:-:::::::*
cpe:2.3:h:qualcomm:wcd9335:-:::::::*
cpe:2.3:h:qualcomm:wcd9340:-:::::::*
cpe:2.3:h:qualcomm:wcd9341:-:::::::*
cpe:2.3:h:qualcomm:wcn3615:-:::::::*
cpe:2.3:h:qualcomm:wcn3620:-:::::::*
cpe:2.3:h:qualcomm:wcn3660b:-:::::::*
cpe:2.3:h:qualcomm:wcn3680:-:::::::*
cpe:2.3:h:qualcomm:wcn3680b:-:::::::*
cpe:2.3:h:qualcomm:wcn3980:-:::::::*
cpe:2.3:h:qualcomm:wcn3990:-:::::::*
cpe:2.3:h:qualcomm:wgr7640:-:::::::*
cpe:2.3:h:qualcomm:wsa8810:-:::::::*
cpe:2.3:h:qualcomm:wsa8815:-:::::::*
cpe:2.3:h:qualcomm:wtr2955:-:::::::*
cpe:2.3:h:qualcomm:wtr2965:-:::::::*
cpe:2.3:h:qualcomm:wtr3905:-:::::::*
cpe:2.3:h:qualcomm:wtr3925:-:::::::*
cpe:2.3:h:qualcomm:wtr3950:-:::::::*
cpe:2.3:h:qualcomm:wtr4905:-:::::::*
cpe:2.3:h:qualcomm:wtr5975:-:::::::*

History

21 Nov 2024, 04:57

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link~~	() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link

Information

Published : 2021-01-21 10:15

Updated : 2024-11-21 04:57

NVD link : CVE-2020-11183

Mitre link : CVE-2020-11183

CVE.ORG link : CVE-2020-11183

JSON object : View

Products Affected

qualcomm

qfe4309
pm660a
rsw8577
msm8920
msm8940
qfe4373fc
qfe2550
sd660
sdr052
qfe3440fc
qtc800s
wcn3615
pm8940
pm8004
sd820
pm855a
wcn3660b
wcn3990
wcd9330
qtc800t
pmd9655
msm8909w
qfe4308
qca6320
sdm830
qbt1500
qfe2082fc
smb1355
wcd9326
pm8937
wtr4905
qca9379
qfe4301
apq8053
apq8037
sd835
wtr3950
qfe3100
qfe2080fc
qpa4360
pm8909
apq8009
qpa5373
qca6595au
qca6564a
pmi632
smb1360
pmi8952
wtr2955
qca6310
pmi8940
qfe2081fc
qfe4320
pmi8996
pm8953
smb1350
pmm8996au
qfe4305
pm660
qet5100
qcc1110
ar8151
wtr3925
apq8096au
wtr3905
wtr2965
pm660l
qca9367
sdr051
qet4101
msm8917
qfe4465fc
mdm9250
qca6174a
mdm9206
pmm855au
qualcomm215
smb1351
sd712
qsw8573
qln1035bd
sd636
smb1358
qca9377
pmx20
msm8953
qat3514
qat3550
sdx50m
pm8996
qtc801s
pmk8001
qet4200aq
qpa5460
sdw2500
wcd9340
wsa8815
wcn3980
sdw3100
qca6574au
pmi8994
pm215
qfe4302
pmd9607
apq8017
qat3522
sd439
rgr7640au
wsa8810
wcn3680
wcd9335
smb231
sd450
qpa4340
sdr660
wcd9341
pmi8937
pm8916
qfe4455fc
qtc800h
mdm9655
mdm9650
msm8996au
msm8937
qln1030
pm8005
sdx20
qfe2101
apq8009w
qln1036aq
qca6595
wtr5975
sd821
qbt1000
sdm630
qet4100
sdx20m
qca6564au
qfe4303
smb1380
wcn3680b
qln1031
qca6574a
pm439
wcn3620
sd710
smb1357
wgr7640
qln1021aq
pmi8998
pm8998

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.7 /10