CVE-2020-11149

6.7

MEDIUM

Snapdragon Out-of-Bounds Pointer Access

Description

Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

INFO

Published Date :

Jan. 21, 2021, 10:15 a.m.

Last Modified :

Jan. 29, 2021, 8:15 p.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

0.8

Affected Products

The following products are affected by CVE-2020-11149 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Qualcomm	apq8053
2	Qualcomm	apq8096au
3	Qualcomm	aqt1000
4	Qualcomm	ar8031
5	Qualcomm	ar8035
6	Qualcomm	csra6620
7	Qualcomm	csra6640
8	Qualcomm	mdm9650
9	Qualcomm	pm215
10	Qualcomm	pm3003a
11	Qualcomm	pm6125
12	Qualcomm	pm6150
13	Qualcomm	pm6150a
14	Qualcomm	pm6150l
15	Qualcomm	pm6350
16	Qualcomm	pm640a
17	Qualcomm	pm640l
18	Qualcomm	pm640p
19	Qualcomm	pm660
20	Qualcomm	pm660l
21	Qualcomm	pm670
22	Qualcomm	pm670a
23	Qualcomm	pm670l
24	Qualcomm	pm7150a
25	Qualcomm	pm7150l
26	Qualcomm	pm7250
27	Qualcomm	pm7250b
28	Qualcomm	pm7350c
29	Qualcomm	pm8004
30	Qualcomm	pm8005
31	Qualcomm	pm8008
32	Qualcomm	pm8009
33	Qualcomm	pm8150
34	Qualcomm	pm8150a
35	Qualcomm	pm8150b
36	Qualcomm	pm8150c
37	Qualcomm	pm8150l
38	Qualcomm	pm8250
39	Qualcomm	pm8350
40	Qualcomm	pm8350b
41	Qualcomm	pm8350bh
42	Qualcomm	pm8350bhs
43	Qualcomm	pm8350c
44	Qualcomm	pm855
45	Qualcomm	pm855a
46	Qualcomm	pm855b
47	Qualcomm	pm855l
48	Qualcomm	pm855p
49	Qualcomm	pm8909
50	Qualcomm	pm8916
51	Qualcomm	pm8953
52	Qualcomm	pm8998
53	Qualcomm	pmc1000h
54	Qualcomm	pmd9655
55	Qualcomm	pme605
56	Qualcomm	pmi632
57	Qualcomm	pmi8952
58	Qualcomm	pmi8998
59	Qualcomm	pmk7350
60	Qualcomm	pmk8002
61	Qualcomm	pmk8003
62	Qualcomm	pmk8350
63	Qualcomm	pmm6155au
64	Qualcomm	pmm8155au
65	Qualcomm	pmm855au
66	Qualcomm	pmm8996au
67	Qualcomm	pmr525
68	Qualcomm	pmr735a
69	Qualcomm	pmr735b
70	Qualcomm	pmw3100
71	Qualcomm	pmx24
72	Qualcomm	pmx55
73	Qualcomm	qat3514
74	Qualcomm	qat3516
75	Qualcomm	qat3518
76	Qualcomm	qat3519
77	Qualcomm	qat3522
78	Qualcomm	qat3550
79	Qualcomm	qat3555
80	Qualcomm	qat5515
81	Qualcomm	qat5516
82	Qualcomm	qat5522
83	Qualcomm	qat5533
84	Qualcomm	qat5568
85	Qualcomm	qbt1500
86	Qualcomm	qbt2000
87	Qualcomm	qca4020
88	Qualcomm	qca6174a
89	Qualcomm	qca6390
90	Qualcomm	qca6391
91	Qualcomm	qca6420
92	Qualcomm	qca6421
93	Qualcomm	qca6426
94	Qualcomm	qca6430
95	Qualcomm	qca6431
96	Qualcomm	qca6436
97	Qualcomm	qca6564
98	Qualcomm	qca6564a
99	Qualcomm	qca6564au
100	Qualcomm	qca6574
101	Qualcomm	qca6574a
102	Qualcomm	qca6574au
103	Qualcomm	qca6584au
104	Qualcomm	qca6595au
105	Qualcomm	qca6696
106	Qualcomm	qca9379
107	Qualcomm	qcm4290
108	Qualcomm	qcs405
109	Qualcomm	qcs4290
110	Qualcomm	qcs603
111	Qualcomm	qcs605
112	Qualcomm	qdm2301
113	Qualcomm	qdm2302
114	Qualcomm	qdm2305
115	Qualcomm	qdm2307
116	Qualcomm	qdm2308
117	Qualcomm	qdm2310
118	Qualcomm	qdm3301
119	Qualcomm	qdm3302
120	Qualcomm	qdm4643
121	Qualcomm	qdm4650
122	Qualcomm	qdm5579
123	Qualcomm	qdm5620
124	Qualcomm	qdm5621
125	Qualcomm	qdm5650
126	Qualcomm	qdm5652
127	Qualcomm	qdm5670
128	Qualcomm	qdm5671
129	Qualcomm	qdm5677
130	Qualcomm	qdm5679
131	Qualcomm	qet4100
132	Qualcomm	qet4101
133	Qualcomm	qet5100
134	Qualcomm	qet5100m
135	Qualcomm	qet6100
136	Qualcomm	qet6110
137	Qualcomm	qfs2530
138	Qualcomm	qfs2580
139	Qualcomm	qfs2608
140	Qualcomm	qfs2630
141	Qualcomm	qln1030
142	Qualcomm	qln4642
143	Qualcomm	qln4650
144	Qualcomm	qln5020
145	Qualcomm	qln5030
146	Qualcomm	qln5040
147	Qualcomm	qpa2625
148	Qualcomm	qpa4360
149	Qualcomm	qpa4361
150	Qualcomm	qpa5460
151	Qualcomm	qpa5461
152	Qualcomm	qpa5580
153	Qualcomm	qpa5581
154	Qualcomm	qpa6560
155	Qualcomm	qpa8673
156	Qualcomm	qpa8686
157	Qualcomm	qpa8801
158	Qualcomm	qpa8802
159	Qualcomm	qpa8803
160	Qualcomm	qpa8821
161	Qualcomm	qpa8842
162	Qualcomm	qpm4621
163	Qualcomm	qpm4630
164	Qualcomm	qpm4640
165	Qualcomm	qpm4641
166	Qualcomm	qpm4650
167	Qualcomm	qpm5621
168	Qualcomm	qpm5641
169	Qualcomm	qpm5658
170	Qualcomm	qpm5670
171	Qualcomm	qpm5677
172	Qualcomm	qpm5679
173	Qualcomm	qpm5870
174	Qualcomm	qpm5875
175	Qualcomm	qpm6582
176	Qualcomm	qpm6585
177	Qualcomm	qpm6621
178	Qualcomm	qpm6670
179	Qualcomm	qpm8820
180	Qualcomm	qpm8830
181	Qualcomm	qpm8870
182	Qualcomm	qpm8895
183	Qualcomm	qsm7250
184	Qualcomm	qsw6310
185	Qualcomm	qsw8573
186	Qualcomm	qsw8574
187	Qualcomm	qtc410s
188	Qualcomm	qtc800h
189	Qualcomm	qtc800s
190	Qualcomm	qtc801s
191	Qualcomm	qtm525
192	Qualcomm	qualcomm215
193	Qualcomm	sa6145p
194	Qualcomm	sa6155p
195	Qualcomm	sa8155
196	Qualcomm	sa8155p
197	Qualcomm	sd205
198	Qualcomm	sd210
199	Qualcomm	sd429
200	Qualcomm	sd460
201	Qualcomm	sd662
202	Qualcomm	sd665
203	Qualcomm	sd675
204	Qualcomm	sd750g
205	Qualcomm	sd765
206	Qualcomm	sd765g
207	Qualcomm	sd768g
208	Qualcomm	sd855
209	Qualcomm	sda429w
210	Qualcomm	sdm429w
211	Qualcomm	sdm830
212	Qualcomm	sdr425
213	Qualcomm	sdr660
214	Qualcomm	sdr660g
215	Qualcomm	sdr735
216	Qualcomm	sdr735g
217	Qualcomm	sdr8150
218	Qualcomm	sdr8250
219	Qualcomm	sdr865
220	Qualcomm	sdx55
221	Qualcomm	sdx55m
222	Qualcomm	sdxr1
223	Qualcomm	sm7250p
224	Qualcomm	sm7350
225	Qualcomm	smb1350
226	Qualcomm	smb1351
227	Qualcomm	smb1354
228	Qualcomm	smb1355
229	Qualcomm	smb1357
230	Qualcomm	smb1381
231	Qualcomm	smb1390
232	Qualcomm	smb1394
233	Qualcomm	smb1395
234	Qualcomm	smb1396
235	Qualcomm	smb1398
236	Qualcomm	smb2351
237	Qualcomm	smr525
238	Qualcomm	smr526
239	Qualcomm	smr545
240	Qualcomm	smr546
241	Qualcomm	wcd9326
242	Qualcomm	wcd9335
243	Qualcomm	wcd9340
244	Qualcomm	wcd9341
245	Qualcomm	wcd9370
246	Qualcomm	wcd9375
247	Qualcomm	wcd9380
248	Qualcomm	wcd9385
249	Qualcomm	wcn3610
250	Qualcomm	wcn3615
251	Qualcomm	wcn3620
252	Qualcomm	wcn3660b
253	Qualcomm	wcn3680
254	Qualcomm	wcn3680b
255	Qualcomm	wcn3950
256	Qualcomm	wcn3980
257	Qualcomm	wcn3988
258	Qualcomm	wcn3990
259	Qualcomm	wcn3991
260	Qualcomm	wcn3998
261	Qualcomm	wcn3999
262	Qualcomm	wcn6740
263	Qualcomm	wcn6750
264	Qualcomm	wcn6850
265	Qualcomm	wcn6851
266	Qualcomm	wcn6856
267	Qualcomm	wgr7640
268	Qualcomm	wsa8810
269	Qualcomm	wsa8815
270	Qualcomm	wsa8830
271	Qualcomm	wsa8835
272	Qualcomm	wtr2965
273	Qualcomm	wtr3925
274	Qualcomm	wtr4905
275	Qualcomm	wtr5975
276	Qualcomm	sd8c
277	Qualcomm	sd8cx
278	Qualcomm	qca8337
279	Qualcomm	qtm527
280	Qualcomm	sd6905g
281	Qualcomm	sd8655g
282	Qualcomm	sd8885g
283	Qualcomm	sdxr25g
284	Qualcomm	pmx20
285	Qualcomm	qca9377
286	Qualcomm	qpm5541
287	Qualcomm	qpm5577
288	Qualcomm	qpm5579
289	Qualcomm	qpm6325
290	Qualcomm	qpm6375
291	Qualcomm	sdx20
292	Qualcomm	sdx24
293	Qualcomm	sdx20m

: Total Affected Vendor : 1 | Products : 293

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-11149.

URL	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-11149 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-11149 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by [email protected]

May. 14, 2024

Action Type Old Value New Value

Initial Analysis by [email protected]

Jan. 29, 2021

Action	Type	Old Value	New Value
Added	CVSS V2		NIST (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin No Types Assigned	https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin Broken Link
Added	Reference		https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin [Patch, Vendor Advisory]
Added	CWE		NIST CWE-119
Added	CPE Configuration		OR cpe:2.3:h:qualcomm:apq8053:-::::::: cpe:2.3:h:qualcomm:apq8096au:-::::::: cpe:2.3:h:qualcomm:aqt1000:-::::::: cpe:2.3:h:qualcomm:ar8031:-::::::: cpe:2.3:h:qualcomm:ar8035:-::::::: cpe:2.3:h:qualcomm:csra6620:-::::::: cpe:2.3:h:qualcomm:csra6640:-::::::: cpe:2.3:h:qualcomm:mdm9650:-::::::: cpe:2.3:h:qualcomm:pm215:-::::::: cpe:2.3:h:qualcomm:pm3003a:-::::::: cpe:2.3:h:qualcomm:pm6125:-::::::: cpe:2.3:h:qualcomm:pm6150:-::::::: cpe:2.3:h:qualcomm:pm6150a:-::::::: cpe:2.3:h:qualcomm:pm6150l:-::::::: cpe:2.3:h:qualcomm:pm6350:-::::::: cpe:2.3:h:qualcomm:pm640a:-::::::: cpe:2.3:h:qualcomm:pm640l:-::::::: cpe:2.3:h:qualcomm:pm640p:-::::::: cpe:2.3:h:qualcomm:pm660:-::::::: cpe:2.3:h:qualcomm:pm660l:-::::::: cpe:2.3:h:qualcomm:pm670:-::::::: cpe:2.3:h:qualcomm:pm670a:-::::::: cpe:2.3:h:qualcomm:pm670l:-::::::: cpe:2.3:h:qualcomm:pm7150a:-::::::: cpe:2.3:h:qualcomm:pm7150l:-::::::: cpe:2.3:h:qualcomm:pm7250:-::::::: cpe:2.3:h:qualcomm:pm7250b:-::::::: cpe:2.3:h:qualcomm:pm7350c:-::::::: cpe:2.3:h:qualcomm:pm8004:-::::::: cpe:2.3:h:qualcomm:pm8005:-::::::: cpe:2.3:h:qualcomm:pm8008:-::::::: cpe:2.3:h:qualcomm:pm8009:-::::::: cpe:2.3:h:qualcomm:pm8150:-::::::: cpe:2.3:h:qualcomm:pm8150a:-::::::: cpe:2.3:h:qualcomm:pm8150b:-::::::: cpe:2.3:h:qualcomm:pm8150c:-::::::: cpe:2.3:h:qualcomm:pm8150l:-::::::: cpe:2.3:h:qualcomm:pm8250:-::::::: cpe:2.3:h:qualcomm:pm8350:-::::::: cpe:2.3:h:qualcomm:pm8350b:-::::::: cpe:2.3:h:qualcomm:pm8350bh:-::::::: cpe:2.3:h:qualcomm:pm8350bhs:-::::::: cpe:2.3:h:qualcomm:pm8350c:-::::::: cpe:2.3:h:qualcomm:pm855:-::::::: cpe:2.3:h:qualcomm:pm855a:-::::::: cpe:2.3:h:qualcomm:pm855b:-::::::: cpe:2.3:h:qualcomm:pm855l:-::::::: cpe:2.3:h:qualcomm:pm855p:-::::::: cpe:2.3:h:qualcomm:pm8909:-::::::: cpe:2.3:h:qualcomm:pm8916:-::::::: cpe:2.3:h:qualcomm:pm8953:-::::::: cpe:2.3:h:qualcomm:pm8998:-::::::: cpe:2.3:h:qualcomm:pmc1000h:-::::::: cpe:2.3:h:qualcomm:pmd9655:-::::::: cpe:2.3:h:qualcomm:pme605:-::::::: cpe:2.3:h:qualcomm:pmi632:-::::::: cpe:2.3:h:qualcomm:pmi8952:-::::::: cpe:2.3:h:qualcomm:pmi8998:-::::::: cpe:2.3:h:qualcomm:pmk7350:-::::::: cpe:2.3:h:qualcomm:pmk8002:-::::::: cpe:2.3:h:qualcomm:pmk8003:-::::::: cpe:2.3:h:qualcomm:pmk8350:-::::::: cpe:2.3:h:qualcomm:pmm6155au:-::::::: cpe:2.3:h:qualcomm:pmm8155au:-::::::: cpe:2.3:h:qualcomm:pmm855au:-::::::: cpe:2.3:h:qualcomm:pmm8996au:-::::::: cpe:2.3:h:qualcomm:pmr525:-::::::: cpe:2.3:h:qualcomm:pmr735a:-::::::: cpe:2.3:h:qualcomm:pmr735b:-::::::: cpe:2.3:h:qualcomm:pmw3100:-::::::: cpe:2.3:h:qualcomm:pmx20:-::::::: cpe:2.3:h:qualcomm:pmx24:-::::::: cpe:2.3:h:qualcomm:pmx55:-::::::: cpe:2.3:h:qualcomm:qat3514:-::::::: cpe:2.3:h:qualcomm:qat3516:-::::::: cpe:2.3:h:qualcomm:qat3518:-::::::: cpe:2.3:h:qualcomm:qat3519:-::::::: cpe:2.3:h:qualcomm:qat3522:-::::::: cpe:2.3:h:qualcomm:qat3550:-::::::: cpe:2.3:h:qualcomm:qat3555:-::::::: cpe:2.3:h:qualcomm:qat5515:-::::::: cpe:2.3:h:qualcomm:qat5516:-::::::: cpe:2.3:h:qualcomm:qat5522:-::::::: cpe:2.3:h:qualcomm:qat5533:-::::::: cpe:2.3:h:qualcomm:qat5568:-::::::: cpe:2.3:h:qualcomm:qbt1500:-::::::: cpe:2.3:h:qualcomm:qbt2000:-::::::: cpe:2.3:h:qualcomm:qca4020:-::::::: cpe:2.3:h:qualcomm:qca6174a:-::::::: cpe:2.3:h:qualcomm:qca6390:-::::::: cpe:2.3:h:qualcomm:qca6391:-::::::: cpe:2.3:h:qualcomm:qca6420:-::::::: cpe:2.3:h:qualcomm:qca6421:-::::::: cpe:2.3:h:qualcomm:qca6426:-::::::: cpe:2.3:h:qualcomm:qca6430:-::::::: cpe:2.3:h:qualcomm:qca6431:-::::::: cpe:2.3:h:qualcomm:qca6436:-::::::: cpe:2.3:h:qualcomm:qca6564:-::::::: cpe:2.3:h:qualcomm:qca6564a:-::::::: cpe:2.3:h:qualcomm:qca6564au:-::::::: cpe:2.3:h:qualcomm:qca6574:-::::::: cpe:2.3:h:qualcomm:qca6574a:-::::::: cpe:2.3:h:qualcomm:qca6574au:-::::::: cpe:2.3:h:qualcomm:qca6584au:-::::::: cpe:2.3:h:qualcomm:qca6595au:-::::::: cpe:2.3:h:qualcomm:qca6696:-::::::: cpe:2.3:h:qualcomm:qca8337:-::::::: cpe:2.3:h:qualcomm:qca9377:-::::::: cpe:2.3:h:qualcomm:qca9379:-::::::: cpe:2.3:h:qualcomm:qcm4290:-::::::: cpe:2.3:h:qualcomm:qcs405:-::::::: cpe:2.3:h:qualcomm:qcs4290:-::::::: cpe:2.3:h:qualcomm:qcs603:-::::::: cpe:2.3:h:qualcomm:qcs605:-::::::: cpe:2.3:h:qualcomm:qdm2301:-::::::: cpe:2.3:h:qualcomm:qdm2302:-::::::: cpe:2.3:h:qualcomm:qdm2305:-::::::: cpe:2.3:h:qualcomm:qdm2307:-::::::: cpe:2.3:h:qualcomm:qdm2308:-::::::: cpe:2.3:h:qualcomm:qdm2310:-::::::: cpe:2.3:h:qualcomm:qdm3301:-::::::: cpe:2.3:h:qualcomm:qdm3302:-::::::: cpe:2.3:h:qualcomm:qdm4643:-::::::: cpe:2.3:h:qualcomm:qdm4650:-::::::: cpe:2.3:h:qualcomm:qdm5579:-::::::: cpe:2.3:h:qualcomm:qdm5620:-::::::: cpe:2.3:h:qualcomm:qdm5621:-::::::: cpe:2.3:h:qualcomm:qdm5650:-::::::: cpe:2.3:h:qualcomm:qdm5652:-::::::: cpe:2.3:h:qualcomm:qdm5670:-::::::: cpe:2.3:h:qualcomm:qdm5671:-::::::: cpe:2.3:h:qualcomm:qdm5677:-::::::: cpe:2.3:h:qualcomm:qdm5679:-::::::: cpe:2.3:h:qualcomm:qet4100:-::::::: cpe:2.3:h:qualcomm:qet4101:-::::::: cpe:2.3:h:qualcomm:qet5100:-::::::: cpe:2.3:h:qualcomm:qet5100m:-::::::: cpe:2.3:h:qualcomm:qet6100:-::::::: cpe:2.3:h:qualcomm:qet6110:-::::::: cpe:2.3:h:qualcomm:qfs2530:-::::::: cpe:2.3:h:qualcomm:qfs2580:-::::::: cpe:2.3:h:qualcomm:qfs2608:-::::::: cpe:2.3:h:qualcomm:qfs2630:-::::::: cpe:2.3:h:qualcomm:qln1030:-::::::: cpe:2.3:h:qualcomm:qln4642:-::::::: cpe:2.3:h:qualcomm:qln4650:-::::::: cpe:2.3:h:qualcomm:qln5020:-::::::: cpe:2.3:h:qualcomm:qln5030:-::::::: cpe:2.3:h:qualcomm:qln5040:-::::::: cpe:2.3:h:qualcomm:qpa2625:-::::::: cpe:2.3:h:qualcomm:qpa4360:-::::::: cpe:2.3:h:qualcomm:qpa4361:-::::::: cpe:2.3:h:qualcomm:qpa5460:-::::::: cpe:2.3:h:qualcomm:qpa5461:-::::::: cpe:2.3:h:qualcomm:qpa5580:-::::::: cpe:2.3:h:qualcomm:qpa5581:-::::::: cpe:2.3:h:qualcomm:qpa6560:-::::::: cpe:2.3:h:qualcomm:qpa8673:-::::::: cpe:2.3:h:qualcomm:qpa8686:-::::::: cpe:2.3:h:qualcomm:qpa8801:-::::::: cpe:2.3:h:qualcomm:qpa8802:-::::::: cpe:2.3:h:qualcomm:qpa8803:-::::::: cpe:2.3:h:qualcomm:qpa8821:-::::::: cpe:2.3:h:qualcomm:qpa8842:-::::::: cpe:2.3:h:qualcomm:qpm4621:-::::::: cpe:2.3:h:qualcomm:qpm4630:-::::::: cpe:2.3:h:qualcomm:qpm4640:-::::::: cpe:2.3:h:qualcomm:qpm4641:-::::::: cpe:2.3:h:qualcomm:qpm4650:-::::::: cpe:2.3:h:qualcomm:qpm5541:-::::::: cpe:2.3:h:qualcomm:qpm5577:-::::::: cpe:2.3:h:qualcomm:qpm5579:-::::::: cpe:2.3:h:qualcomm:qpm5621:-::::::: cpe:2.3:h:qualcomm:qpm5641:-::::::: cpe:2.3:h:qualcomm:qpm5658:-::::::: cpe:2.3:h:qualcomm:qpm5670:-::::::: cpe:2.3:h:qualcomm:qpm5677:-::::::: cpe:2.3:h:qualcomm:qpm5679:-::::::: cpe:2.3:h:qualcomm:qpm5870:-::::::: cpe:2.3:h:qualcomm:qpm5875:-::::::: cpe:2.3:h:qualcomm:qpm6325:-::::::: cpe:2.3:h:qualcomm:qpm6375:-::::::: cpe:2.3:h:qualcomm:qpm6582:-::::::: cpe:2.3:h:qualcomm:qpm6585:-::::::: cpe:2.3:h:qualcomm:qpm6621:-::::::: cpe:2.3:h:qualcomm:qpm6670:-::::::: cpe:2.3:h:qualcomm:qpm8820:-::::::: cpe:2.3:h:qualcomm:qpm8830:-::::::: cpe:2.3:h:qualcomm:qpm8870:-::::::: cpe:2.3:h:qualcomm:qpm8895:-::::::: cpe:2.3:h:qualcomm:qsm7250:-::::::: cpe:2.3:h:qualcomm:qsw6310:-::::::: cpe:2.3:h:qualcomm:qsw8573:-::::::: cpe:2.3:h:qualcomm:qsw8574:-::::::: cpe:2.3:h:qualcomm:qtc410s:-::::::: cpe:2.3:h:qualcomm:qtc800h:-::::::: cpe:2.3:h:qualcomm:qtc800s:-::::::: cpe:2.3:h:qualcomm:qtc801s:-::::::: cpe:2.3:h:qualcomm:qtm525:-::::::: cpe:2.3:h:qualcomm:qtm527:-::::::: cpe:2.3:h:qualcomm:qualcomm215:-::::::: cpe:2.3:h:qualcomm:sa6145p:-::::::: cpe:2.3:h:qualcomm:sa6155p:-::::::: cpe:2.3:h:qualcomm:sa8155:-::::::: cpe:2.3:h:qualcomm:sa8155p:-::::::: cpe:2.3:h:qualcomm:sd205:-::::::: cpe:2.3:h:qualcomm:sd210:-::::::: cpe:2.3:h:qualcomm:sd429:-::::::: cpe:2.3:h:qualcomm:sd460:-::::::: cpe:2.3:h:qualcomm:sd662:-::::::: cpe:2.3:h:qualcomm:sd665:-::::::: cpe:2.3:h:qualcomm:sd675:-::::::: cpe:2.3:h:qualcomm:sd6905g:-::::::: cpe:2.3:h:qualcomm:sd750g:-::::::: cpe:2.3:h:qualcomm:sd765:-::::::: cpe:2.3:h:qualcomm:sd765g:-::::::: cpe:2.3:h:qualcomm:sd768g:-::::::: cpe:2.3:h:qualcomm:sd855:-::::::: cpe:2.3:h:qualcomm:sd8655g:-::::::: cpe:2.3:h:qualcomm:sd8885g:-::::::: cpe:2.3:h:qualcomm:sd8c:-::::::: cpe:2.3:h:qualcomm:sd8cx:-::::::: cpe:2.3:h:qualcomm:sda429w:-::::::: cpe:2.3:h:qualcomm:sdm429w:-::::::: cpe:2.3:h:qualcomm:sdm830:-::::::: cpe:2.3:h:qualcomm:sdr425:-::::::: cpe:2.3:h:qualcomm:sdr660:-::::::: cpe:2.3:h:qualcomm:sdr660g:-::::::: cpe:2.3:h:qualcomm:sdr735:-::::::: cpe:2.3:h:qualcomm:sdr735g:-::::::: cpe:2.3:h:qualcomm:sdr8150:-::::::: cpe:2.3:h:qualcomm:sdr8250:-::::::: cpe:2.3:h:qualcomm:sdr865:-::::::: cpe:2.3:h:qualcomm:sdx20:-::::::: cpe:2.3:h:qualcomm:sdx20m:-::::::: cpe:2.3:h:qualcomm:sdx24:-::::::: cpe:2.3:h:qualcomm:sdx55:-::::::: cpe:2.3:h:qualcomm:sdx55m:-::::::: cpe:2.3:h:qualcomm:sdxr1:-::::::: cpe:2.3:h:qualcomm:sdxr25g:-::::::: cpe:2.3:h:qualcomm:sm7250p:-::::::: cpe:2.3:h:qualcomm:sm7350:-::::::: cpe:2.3:h:qualcomm:smb1350:-::::::: cpe:2.3:h:qualcomm:smb1351:-::::::: cpe:2.3:h:qualcomm:smb1354:-::::::: cpe:2.3:h:qualcomm:smb1355:-::::::: cpe:2.3:h:qualcomm:smb1357:-::::::: cpe:2.3:h:qualcomm:smb1381:-::::::: cpe:2.3:h:qualcomm:smb1390:-::::::: cpe:2.3:h:qualcomm:smb1394:-::::::: cpe:2.3:h:qualcomm:smb1395:-::::::: cpe:2.3:h:qualcomm:smb1396:-::::::: cpe:2.3:h:qualcomm:smb1398:-::::::: cpe:2.3:h:qualcomm:smb2351:-::::::: cpe:2.3:h:qualcomm:smr525:-::::::: cpe:2.3:h:qualcomm:smr526:-::::::: cpe:2.3:h:qualcomm:smr545:-::::::: cpe:2.3:h:qualcomm:smr546:-::::::: cpe:2.3:h:qualcomm:wcd9326:-::::::: cpe:2.3:h:qualcomm:wcd9335:-::::::: cpe:2.3:h:qualcomm:wcd9340:-::::::: cpe:2.3:h:qualcomm:wcd9341:-::::::: cpe:2.3:h:qualcomm:wcd9370:-::::::: cpe:2.3:h:qualcomm:wcd9375:-::::::: cpe:2.3:h:qualcomm:wcd9380:-::::::: cpe:2.3:h:qualcomm:wcd9385:-::::::: cpe:2.3:h:qualcomm:wcn3610:-::::::: cpe:2.3:h:qualcomm:wcn3615:-::::::: cpe:2.3:h:qualcomm:wcn3620:-::::::: cpe:2.3:h:qualcomm:wcn3660b:-::::::: cpe:2.3:h:qualcomm:wcn3680:-::::::: cpe:2.3:h:qualcomm:wcn3680b:-::::::: cpe:2.3:h:qualcomm:wcn3950:-::::::: cpe:2.3:h:qualcomm:wcn3980:-::::::: cpe:2.3:h:qualcomm:wcn3988:-::::::: cpe:2.3:h:qualcomm:wcn3990:-::::::: cpe:2.3:h:qualcomm:wcn3991:-::::::: cpe:2.3:h:qualcomm:wcn3998:-::::::: cpe:2.3:h:qualcomm:wcn3999:-::::::: cpe:2.3:h:qualcomm:wcn6740:-::::::: cpe:2.3:h:qualcomm:wcn6750:-::::::: cpe:2.3:h:qualcomm:wcn6850:-::::::: cpe:2.3:h:qualcomm:wcn6851:-::::::: cpe:2.3:h:qualcomm:wcn6856:-::::::: cpe:2.3:h:qualcomm:wgr7640:-::::::: cpe:2.3:h:qualcomm:wsa8810:-::::::: cpe:2.3:h:qualcomm:wsa8815:-::::::: cpe:2.3:h:qualcomm:wsa8830:-::::::: cpe:2.3:h:qualcomm:wsa8835:-::::::: cpe:2.3:h:qualcomm:wtr2965:-::::::: cpe:2.3:h:qualcomm:wtr3925:-::::::: cpe:2.3:h:qualcomm:wtr4905:-::::::: cpe:2.3:h:qualcomm:wtr5975:-:::::::

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2020-11149 is associated with the following CWEs:

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2020-11149 weaknesses.

CAPEC-8: Buffer Overflow in an API Call Buffer Overflow in an API Call CAPEC-9: Buffer Overflow in Local Command-Line Utilities Buffer Overflow in Local Command-Line Utilities CAPEC-10: Buffer Overflow via Environment Variables Buffer Overflow via Environment Variables CAPEC-14: Client-side Injection-induced Buffer Overflow Client-side Injection-induced Buffer Overflow CAPEC-24: Filter Failure through Buffer Overflow Filter Failure through Buffer Overflow CAPEC-42: MIME Conversion MIME Conversion CAPEC-44: Overflow Binary Resource File Overflow Binary Resource File CAPEC-45: Buffer Overflow via Symbolic Links Buffer Overflow via Symbolic Links CAPEC-46: Overflow Variables and Tags Overflow Variables and Tags CAPEC-47: Buffer Overflow via Parameter Expansion Buffer Overflow via Parameter Expansion CAPEC-100: Overflow Buffers Overflow Buffers CAPEC-123: Buffer Manipulation Buffer Manipulation

CVE-2020-11149

Snapdragon Out-of-Bounds Pointer Access

Description

INFO

Jan. 21, 2021, 10:15 a.m.

Jan. 29, 2021, 8:15 p.m.

[email protected]

No

5.9

0.8

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.04 }} 0.00%

0.10264

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable