CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVSS v3 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:qualcomm:apq8009:-:::::::*
	cpe:2.3:h:qualcomm:apq8009w:-:::::::*
	cpe:2.3:h:qualcomm:apq8017:-:::::::*
	cpe:2.3:h:qualcomm:apq8037:-:::::::*
	cpe:2.3:h:qualcomm:apq8053:-:::::::*
	cpe:2.3:h:qualcomm:apq8096au:-:::::::*
	cpe:2.3:h:qualcomm:ar8151:-:::::::*
	cpe:2.3:h:qualcomm:mdm9206:-:::::::*
	cpe:2.3:h:qualcomm:mdm9250:-:::::::*
	cpe:2.3:h:qualcomm:mdm9650:-:::::::*
	cpe:2.3:h:qualcomm:mdm9655:-:::::::*
	cpe:2.3:h:qualcomm:msm8909w:-:::::::*
	cpe:2.3:h:qualcomm:msm8917:-:::::::*
	cpe:2.3:h:qualcomm:msm8920:-:::::::*
	cpe:2.3:h:qualcomm:msm8937:-:::::::*
	cpe:2.3:h:qualcomm:msm8940:-:::::::*
	cpe:2.3:h:qualcomm:msm8953:-:::::::*
	cpe:2.3:h:qualcomm:msm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pm215:-:::::::*
	cpe:2.3:h:qualcomm:pm439:-:::::::*
	cpe:2.3:h:qualcomm:pm660:-:::::::*
	cpe:2.3:h:qualcomm:pm660a:-:::::::*
	cpe:2.3:h:qualcomm:pm660l:-:::::::*
	cpe:2.3:h:qualcomm:pm8004:-:::::::*
	cpe:2.3:h:qualcomm:pm8005:-:::::::*
	cpe:2.3:h:qualcomm:pm855a:-:::::::*
	cpe:2.3:h:qualcomm:pm8909:-:::::::*
	cpe:2.3:h:qualcomm:pm8916:-:::::::*
	cpe:2.3:h:qualcomm:pm8937:-:::::::*
	cpe:2.3:h:qualcomm:pm8940:-:::::::*
	cpe:2.3:h:qualcomm:pm8953:-:::::::*
	cpe:2.3:h:qualcomm:pm8996:-:::::::*
	cpe:2.3:h:qualcomm:pm8998:-:::::::*
	cpe:2.3:h:qualcomm:pmd9607:-:::::::*
	cpe:2.3:h:qualcomm:pmd9655:-:::::::*
	cpe:2.3:h:qualcomm:pmi632:-:::::::*
	cpe:2.3:h:qualcomm:pmi8937:-:::::::*
	cpe:2.3:h:qualcomm:pmi8940:-:::::::*
	cpe:2.3:h:qualcomm:pmi8952:-:::::::*
	cpe:2.3:h:qualcomm:pmi8994:-:::::::*
	cpe:2.3:h:qualcomm:pmi8996:-:::::::*
	cpe:2.3:h:qualcomm:pmi8998:-:::::::*
	cpe:2.3:h:qualcomm:pmk8001:-:::::::*
	cpe:2.3:h:qualcomm:pmm855au:-:::::::*
	cpe:2.3:h:qualcomm:pmm8996au:-:::::::*
	cpe:2.3:h:qualcomm:pmx20:-:::::::*
	cpe:2.3:h:qualcomm:qat3514:-:::::::*
	cpe:2.3:h:qualcomm:qat3522:-:::::::*
	cpe:2.3:h:qualcomm:qat3550:-:::::::*
	cpe:2.3:h:qualcomm:qbt1000:-:::::::*
	cpe:2.3:h:qualcomm:qbt1500:-:::::::*
	cpe:2.3:h:qualcomm:qca6174a:-:::::::*
	cpe:2.3:h:qualcomm:qca6310:-:::::::*
	cpe:2.3:h:qualcomm:qca6320:-:::::::*
	cpe:2.3:h:qualcomm:qca6564a:-:::::::*
	cpe:2.3:h:qualcomm:qca6564au:-:::::::*
	cpe:2.3:h:qualcomm:qca6574a:-:::::::*
	cpe:2.3:h:qualcomm:qca6574au:-:::::::*
	cpe:2.3:h:qualcomm:qca6595:-:::::::*
	cpe:2.3:h:qualcomm:qca6595au:-:::::::*
	cpe:2.3:h:qualcomm:qca9367:-:::::::*
	cpe:2.3:h:qualcomm:qca9377:-:::::::*
	cpe:2.3:h:qualcomm:qca9379:-:::::::*
	cpe:2.3:h:qualcomm:qcc1110:-:::::::*
cpe:2.3:h:qualcomm:qet4100:-:::::::*
cpe:2.3:h:qualcomm:qet4101:-:::::::*
cpe:2.3:h:qualcomm:qet4200aq:-:::::::*
cpe:2.3:h:qualcomm:qet5100:-:::::::*
cpe:2.3:h:qualcomm:qfe2080fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2081fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2082fc:-:::::::*
cpe:2.3:h:qualcomm:qfe2101:-:::::::*
cpe:2.3:h:qualcomm:qfe2550:-:::::::*
cpe:2.3:h:qualcomm:qfe3100:-:::::::*
cpe:2.3:h:qualcomm:qfe3440fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4301:-:::::::*
cpe:2.3:h:qualcomm:qfe4302:-:::::::*
cpe:2.3:h:qualcomm:qfe4303:-:::::::*
cpe:2.3:h:qualcomm:qfe4305:-:::::::*
cpe:2.3:h:qualcomm:qfe4308:-:::::::*
cpe:2.3:h:qualcomm:qfe4309:-:::::::*
cpe:2.3:h:qualcomm:qfe4320:-:::::::*
cpe:2.3:h:qualcomm:qfe4373fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4455fc:-:::::::*
cpe:2.3:h:qualcomm:qfe4465fc:-:::::::*
cpe:2.3:h:qualcomm:qln1021aq:-:::::::*
cpe:2.3:h:qualcomm:qln1030:-:::::::*
cpe:2.3:h:qualcomm:qln1031:-:::::::*
cpe:2.3:h:qualcomm:qln1035bd:-:::::::*
cpe:2.3:h:qualcomm:qln1036aq:-:::::::*
cpe:2.3:h:qualcomm:qpa4340:-:::::::*
cpe:2.3:h:qualcomm:qpa4360:-:::::::*
cpe:2.3:h:qualcomm:qpa5373:-:::::::*
cpe:2.3:h:qualcomm:qpa5460:-:::::::*
cpe:2.3:h:qualcomm:qsw8573:-:::::::*
cpe:2.3:h:qualcomm:qtc800h:-:::::::*
cpe:2.3:h:qualcomm:qtc800s:-:::::::*
cpe:2.3:h:qualcomm:qtc800t:-:::::::*
cpe:2.3:h:qualcomm:qtc801s:-:::::::*
cpe:2.3:h:qualcomm:qualcomm215:-:::::::*
cpe:2.3:h:qualcomm:rgr7640au:-:::::::*
cpe:2.3:h:qualcomm:rsw8577:-:::::::*
cpe:2.3:h:qualcomm:sd439:-:::::::*
cpe:2.3:h:qualcomm:sd450:-:::::::*
cpe:2.3:h:qualcomm:sd636:-:::::::*
cpe:2.3:h:qualcomm:sd660:-:::::::*
cpe:2.3:h:qualcomm:sd710:-:::::::*
cpe:2.3:h:qualcomm:sd712:-:::::::*
cpe:2.3:h:qualcomm:sd820:-:::::::*
cpe:2.3:h:qualcomm:sd821:-:::::::*
cpe:2.3:h:qualcomm:sd835:-:::::::*
cpe:2.3:h:qualcomm:sdm630:-:::::::*
cpe:2.3:h:qualcomm:sdm830:-:::::::*
cpe:2.3:h:qualcomm:sdr051:-:::::::*
cpe:2.3:h:qualcomm:sdr052:-:::::::*
cpe:2.3:h:qualcomm:sdr660:-:::::::*
cpe:2.3:h:qualcomm:sdw2500:-:::::::*
cpe:2.3:h:qualcomm:sdw3100:-:::::::*
cpe:2.3:h:qualcomm:sdx20:-:::::::*
cpe:2.3:h:qualcomm:sdx20m:-:::::::*
cpe:2.3:h:qualcomm:sdx50m:-:::::::*
cpe:2.3:h:qualcomm:smb1350:-:::::::*
cpe:2.3:h:qualcomm:smb1351:-:::::::*
cpe:2.3:h:qualcomm:smb1355:-:::::::*
cpe:2.3:h:qualcomm:smb1357:-:::::::*
cpe:2.3:h:qualcomm:smb1358:-:::::::*
cpe:2.3:h:qualcomm:smb1360:-:::::::*
cpe:2.3:h:qualcomm:smb1380:-:::::::*
cpe:2.3:h:qualcomm:smb231:-:::::::*
cpe:2.3:h:qualcomm:wcd9326:-:::::::*
cpe:2.3:h:qualcomm:wcd9330:-:::::::*
cpe:2.3:h:qualcomm:wcd9335:-:::::::*
cpe:2.3:h:qualcomm:wcd9340:-:::::::*
cpe:2.3:h:qualcomm:wcd9341:-:::::::*
cpe:2.3:h:qualcomm:wcn3615:-:::::::*
cpe:2.3:h:qualcomm:wcn3620:-:::::::*
cpe:2.3:h:qualcomm:wcn3660b:-:::::::*
cpe:2.3:h:qualcomm:wcn3680:-:::::::*
cpe:2.3:h:qualcomm:wcn3680b:-:::::::*
cpe:2.3:h:qualcomm:wcn3980:-:::::::*
cpe:2.3:h:qualcomm:wcn3990:-:::::::*
cpe:2.3:h:qualcomm:wgr7640:-:::::::*
cpe:2.3:h:qualcomm:wsa8810:-:::::::*
cpe:2.3:h:qualcomm:wsa8815:-:::::::*
cpe:2.3:h:qualcomm:wtr2955:-:::::::*
cpe:2.3:h:qualcomm:wtr2965:-:::::::*
cpe:2.3:h:qualcomm:wtr3905:-:::::::*
cpe:2.3:h:qualcomm:wtr3925:-:::::::*
cpe:2.3:h:qualcomm:wtr3950:-:::::::*
cpe:2.3:h:qualcomm:wtr4905:-:::::::*
cpe:2.3:h:qualcomm:wtr5975:-:::::::*

History

21 Nov 2024, 04:57

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link~~	() https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin - Broken Link

Information

Published : 2021-01-21 10:15

Updated : 2024-11-21 04:57

NVD link : CVE-2020-11183

Mitre link : CVE-2020-11183

CVE.ORG link : CVE-2020-11183

JSON object : View

Products Affected

qualcomm

qtc801s
qca9379
sd821
pmi632
qet5100
qfe2082fc
pmm8996au
sd660
msm8909w
qpa5373
pm8940
qpa4340
qln1031
pm8998
sd710
qfe4303
pm439
pmi8996
sd712
qtc800s
wcn3615
qln1036aq
mdm9250
ar8151
wcn3660b
qfe4305
wcd9341
smb1351
wcd9340
sdw2500
wtr3905
sdm630
qca6595
apq8009
apq8053
rsw8577
wcn3680b
wtr2955
qualcomm215
qfe2081fc
qfe4308
wgr7640
qtc800t
smb231
qca6564au
wtr4905
qln1021aq
sdx20m
smb1360
wtr2965
qfe4302
wsa8815
msm8920
qat3550
pmi8994
qat3522
sdr052
qfe4301
apq8017
qbt1500
qca6564a
mdm9206
mdm9655
qfe4320
qsw8573
pm8005
qca6574a
wcn3620
pm8916
wcd9326
msm8937
smb1355
sdr660
pmi8998
pmi8940
wcn3990
qca6595au
sdm830
smb1357
wtr3925
sd835
pm660a
msm8917
qca6574au
qfe4465fc
qln1030
pmi8937
pm660l
smb1350
qca9377
qfe4455fc
qtc800h
qbt1000
sdr051
qet4101
pm660
qca6310
qfe2080fc
sdx50m
pmd9607
qfe4373fc
wcn3980
apq8009w
msm8996au
qca9367
sd439
pm855a
pmd9655
mdm9650
sdx20
wsa8810
qln1035bd
pm8909
qfe3440fc
pm8953
qca6174a
sd820
pmi8952
msm8940
pm8996
sdw3100
qet4200aq
qpa5460
qcc1110
qfe3100
sd636
apq8096au
qfe2101
pm8004
qat3514
wcn3680
pmx20
wcd9335
pm8937
qca6320
rgr7640au
msm8953
apq8037
wtr3950
wtr5975
pmk8001
pmm855au
smb1380
sd450
qfe4309
smb1358
qfe2550
qet4100
pm215
wcd9330
qpa4360

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.7 /10