CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVSS v3 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:qualcomm:apq8009:-:::::::*
	cpe:2.3:h:qualcomm:apq8009w:-:::::::*
	cpe:2.3:h:qualcomm:apq8017:-:::::::*
	cpe:2.3:h:qualcomm:apq8037:-:::::::*
	cpe:2.3:h:qualcomm:apq8053:-:::::::*
	cpe:2.3:h:qualcomm:apq8096au:-:::::::*
	cpe:2.3:h:qualcomm:ar8151:-:::::::*
	cpe:2.3:h:qualcomm:mdm9206:-:::::::*
	cpe:2.3:h:qualcomm:mdm9250:-:::::::*
	cpe:2.3:h:qualcomm:mdm9650:-:::::::*
	cpe:2.3:h:qualcomm:mdm9655:-:::::::*
	cpe:2.3:h:qualcomm:msm8909w:-:::::::*
	cpe:2.3:h:qualcomm:msm8917:-:::::::*
	cpe:2.3:h:qualcomm:msm8920:-:::::::*
	cpe:2.3:h:qualcomm:msm8937:-:::::::*
	cpe:2.3:h:qualcomm:msm8940:-:::::::*
	cpe:2.3:h:qualcomm:msm8953:-:::::::*
	cpe:2.3:h:qualcomm:msm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pm215:-:::::::*
	cpe:2.3:h:qualcomm:pm439:-:::::::*
	cpe:2.3:h:qualcomm:pm660:-:::::::*
	cpe:2.3:h:qualcomm:pm660a:-:::::::*
	cpe:2.3:h:qualcomm:pm660l:-:::::::*
	cpe:2.3:h:qualcomm:pm8004:-:::::::*
	cpe:2.3:h:qualcomm:pm8005:-:::::::*
	cpe:2.3:h:qualcomm:pm855a:-:::::::*
	cpe:2.3:h:qualcomm:pm8909:-:::::::*
	cpe:2.3:h:qualcomm:pm8916:-:::::::*
	cpe:2.3:h:qualcomm:pm8937:-:::::::*
	cpe:2.3:h:qualcomm:pm8940:-:::::::*
	cpe:2.3:h:qualcomm:pm8953:-:::::::*
	cpe:2.3:h:qualcomm:pm8996:-:::::::*
	cpe:2.3:h:qualcomm:pm8998:-:::::::*
	cpe:2.3:h:qualcomm:pmd9607:-:::::::*
	cpe:2.3:h:qualcomm:pmd9655:-:::::::*
	cpe:2.3:h:qualcomm:pmi632:-:::::::*
	cpe:2.3:h:qualcomm:pmi8937:-:::::::*
	cpe:2.3:h:qualcomm:pmi8940:-:::::::*
	cpe:2.3:h:qualcomm:pmi8952:-:::::::*
	cpe:2.3:h:qualcomm:pmi8994:-:::::::*
	cpe:2.3:h:qualcomm:pmi8996:-:::::::*
	cpe:2.3:h:qualcomm:pmi8998:-:::::::*
	cpe:2.3:h:qualcomm:pmk8001:-:::::::*
	cpe:2.3:h:qualcomm:pmm855au:-:::::::*
	cpe:2.3:h:qualcomm:pmm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pmx20:-:::::::*
	cpe:2.3:h:qualcomm:qat3514:-:::::::*
	cpe:2.3:h:qualcomm:qat3522:-:::::::*
	cpe:2.3:h:qualcomm:qat3550:-:::::::*
	cpe:2.3:h:qualcomm:qbt1000:-:::::::*
	cpe:2.3:h:qualcomm:qbt1500:-:::::::*
	cpe:2.3:h:qualcomm:qca6174a:-:::::::*
	cpe:2.3:h:qualcomm:qca6310:-:::::::*
	cpe:2.3:h:qualcomm:qca6320:-:::::::*
	cpe:2.3:h:qualcomm:qca6564a:-:::::::*
	cpe:2.3:h:qualcomm:qca6564au:-:::::::*
	cpe:2.3:h:qualcomm:qca6574a:-:::::::*
	cpe:2.3:h:qualcomm:qca6574au:-:::::::*
	cpe:2.3:h:qualcomm:qca6595:-:::::::*
	cpe:2.3:h:qualcomm:qca6595au:-:::::::*
	cpe:2.3:h:qualcomm:qca9367:-:::::::*
	cpe:2.3:h:qualcomm:qca9377:-:::::::*
	cpe:2.3:h:qualcomm:qca9379:-:::::::*
	cpe:2.3:h:qualcomm:qcc1110:-:::::::*
cpe:2.3:h:qualcomm:qet4100:-:::::::*
cpe:2.3:h:qualcomm:qet4101:-:::::::*
cpe:2.3:h:qualcomm:qet4200aq:-:::::::*
cpe:2.3:h:qualcomm:qet5100:-:::::::*
cpe:2.3:h:qualcomm:qfe2080fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2081fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2082fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2101:-:::::::*
cpe:2.3:h:qualcomm:qfe2550:-:::::::*
cpe:2.3:h:qualcomm:qfe3100:-:::::::*
cpe:2.3:h:qualcomm:qfe3440fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4301:-:::::::*
cpe:2.3:h:qualcomm:qfe4302:-:::::::*
cpe:2.3:h:qualcomm:qfe4303:-:::::::*
cpe:2.3:h:qualcomm:qfe4305:-:::::::*
cpe:2.3:h:qualcomm:qfe4308:-:::::::*
cpe:2.3:h:qualcomm:qfe4309:-:::::::*
cpe:2.3:h:qualcomm:qfe4320:-:::::::*
cpe:2.3:h:qualcomm:qfe4373fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4455fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4465fc:-:::::::*
cpe:2.3:h:qualcomm:qln1021aq:-:::::::*
cpe:2.3:h:qualcomm:qln1030:-:::::::*
cpe:2.3:h:qualcomm:qln1031:-:::::::*
cpe:2.3:h:qualcomm:qln1035bd:-:::::::*
cpe:2.3:h:qualcomm:qln1036aq:-:::::::*
cpe:2.3:h:qualcomm:qpa4340:-:::::::*
cpe:2.3:h:qualcomm:qpa4360:-:::::::*
cpe:2.3:h:qualcomm:qpa5373:-:::::::*
cpe:2.3:h:qualcomm:qpa5460:-:::::::*
cpe:2.3:h:qualcomm:qsw8573:-:::::::*
cpe:2.3:h:qualcomm:qtc800h:-:::::::*
cpe:2.3:h:qualcomm:qtc800s:-:::::::*
cpe:2.3:h:qualcomm:qtc800t:-:::::::*
cpe:2.3:h:qualcomm:qtc801s:-:::::::*
cpe:2.3:h:qualcomm:qualcomm215:-:::::::*
cpe:2.3:h:qualcomm:rgr7640au:-:::::::*
cpe:2.3:h:qualcomm:rsw8577:-:::::::*
cpe:2.3:h:qualcomm:sd439:-:::::::*
cpe:2.3:h:qualcomm:sd450:-:::::::*
cpe:2.3:h:qualcomm:sd636:-:::::::*
cpe:2.3:h:qualcomm:sd660:-:::::::*
cpe:2.3:h:qualcomm:sd710:-:::::::*
cpe:2.3:h:qualcomm:sd712:-:::::::*
cpe:2.3:h:qualcomm:sd820:-:::::::*
cpe:2.3:h:qualcomm:sd821:-:::::::*
cpe:2.3:h:qualcomm:sd835:-:::::::*
cpe:2.3:h:qualcomm:sdm630:-:::::::*
cpe:2.3:h:qualcomm:sdm830:-:::::::*
cpe:2.3:h:qualcomm:sdr051:-:::::::*
cpe:2.3:h:qualcomm:sdr052:-:::::::*
cpe:2.3:h:qualcomm:sdr660:-:::::::*
cpe:2.3:h:qualcomm:sdw2500:-:::::::*
cpe:2.3:h:qualcomm:sdw3100:-:::::::*
cpe:2.3:h:qualcomm:sdx20:-:::::::*
cpe:2.3:h:qualcomm:sdx20m:-:::::::*
cpe:2.3:h:qualcomm:sdx50m:-:::::::*
cpe:2.3:h:qualcomm:smb1350:-:::::::*
cpe:2.3:h:qualcomm:smb1351:-:::::::*
cpe:2.3:h:qualcomm:smb1355:-:::::::*
cpe:2.3:h:qualcomm:smb1357:-:::::::*
cpe:2.3:h:qualcomm:smb1358:-:::::::*
cpe:2.3:h:qualcomm:smb1360:-:::::::*
cpe:2.3:h:qualcomm:smb1380:-:::::::*
cpe:2.3:h:qualcomm:smb231:-:::::::*
cpe:2.3:h:qualcomm:wcd9326:-:::::::*
cpe:2.3:h:qualcomm:wcd9330:-:::::::*
cpe:2.3:h:qualcomm:wcd9335:-:::::::*
cpe:2.3:h:qualcomm:wcd9340:-:::::::*
cpe:2.3:h:qualcomm:wcd9341:-:::::::*
cpe:2.3:h:qualcomm:wcn3615:-:::::::*
cpe:2.3:h:qualcomm:wcn3620:-:::::::*
cpe:2.3:h:qualcomm:wcn3660b:-:::::::*
cpe:2.3:h:qualcomm:wcn3680:-:::::::*
cpe:2.3:h:qualcomm:wcn3680b:-:::::::*
cpe:2.3:h:qualcomm:wcn3980:-:::::::*
cpe:2.3:h:qualcomm:wcn3990:-:::::::*
cpe:2.3:h:qualcomm:wgr7640:-:::::::*
cpe:2.3:h:qualcomm:wsa8810:-:::::::*
cpe:2.3:h:qualcomm:wsa8815:-:::::::*
cpe:2.3:h:qualcomm:wtr2955:-:::::::*
cpe:2.3:h:qualcomm:wtr2965:-:::::::*
cpe:2.3:h:qualcomm:wtr3905:-:::::::*
cpe:2.3:h:qualcomm:wtr3925:-:::::::*
cpe:2.3:h:qualcomm:wtr3950:-:::::::*
cpe:2.3:h:qualcomm:wtr4905:-:::::::*
cpe:2.3:h:qualcomm:wtr5975:-:::::::*

History

21 Nov 2024, 04:57

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link~~	() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link

Information

Published : 2021-01-21 10:15

Updated : 2024-11-21 04:57

NVD link : CVE-2020-11183

Mitre link : CVE-2020-11183

CVE.ORG link : CVE-2020-11183

JSON object : View

Products Affected

qualcomm

wcn3980
qca6574a
qat3514
pm8996
mdm9650
qfe4305
qbt1000
qfe3440fc
wcn3680b
wtr3905
wsa8815
qfe2101
pmm8996au
pm660l
sd636
sdm830
sd820
qln1035bd
sd660
qfe2080fc
sd712
sd835
pmk8001
qsw8573
qet5100
wcd9340
pmm855au
qln1036aq
wtr2965
sd710
rsw8577
qln1021aq
qpa5460
qtc800h
mdm9206
sdx20
qet4100
qfe2081fc
msm8953
qpa4340
qfe3100
qca9377
mdm9250
wcd9330
wtr5975
qfe4465fc
pmd9607
qfe4302
pm8004
smb1360
qca9367
wtr3925
sdx50m
wtr4905
pmi632
ar8151
qca6595
qfe4320
qfe4455fc
rgr7640au
qca6320
qtc801s
pm855a
qfe4373fc
apq8009w
wgr7640
msm8920
smb1380
qfe2550
pm8940
msm8940
qat3550
pm8909
wtr2955
wcn3620
msm8909w
smb1351
qat3522
qca6574au
qet4200aq
smb1357
sd439
pm8998
wcd9341
qualcomm215
smb1350
smb1355
smb231
smb1358
pm8916
mdm9655
pm8937
qfe4309
pmx20
pm8005
qca9379
wcd9326
msm8996au
qfe2082fc
qbt1500
pm8953
qca6564au
pmi8940
pmi8998
qpa4360
qtc800t
pm439
pm215
sdw3100
wcn3680
qln1030
qcc1110
qet4101
qln1031
pmi8996
pmi8994
sdm630
sdx20m
wcd9335
qca6310
msm8917
apq8037
pm660a
sdr660
apq8017
msm8937
pmi8952
qfe4303
pmi8937
wcn3615
wsa8810
sdw2500
qca6174a
wcn3990
apq8096au
qfe4301
qca6595au
qtc800s
pmd9655
wtr3950
sdr052
apq8009
qpa5373
sd450
wcn3660b
sd821
qca6564a
apq8053
sdr051
pm660
qfe4308

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.7 /10