6.8
MEDIUM
CVE-2020-11286
Snapdragon Pointer Dereference Vulnerability
Description

An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

INFO

Published Date :

Feb. 22, 2021, 7:15 a.m.

Last Modified :

Nov. 21, 2024, 4:57 a.m.

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

0.9
Affected Products

The following products are affected by CVE-2020-11286 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Qualcomm apq8009
2 Qualcomm apq8009w
3 Qualcomm apq8017
4 Qualcomm apq8053
5 Qualcomm apq8064au
6 Qualcomm apq8076
7 Qualcomm apq8096au
8 Qualcomm ar8151
9 Qualcomm mdm9206
10 Qualcomm mdm9230
11 Qualcomm mdm9330
12 Qualcomm mdm9607
13 Qualcomm mdm9628
14 Qualcomm mdm9630
15 Qualcomm mdm9640
16 Qualcomm mdm9650
17 Qualcomm mdm9655
18 Qualcomm msm8909w
19 Qualcomm msm8937
20 Qualcomm msm8996au
21 Qualcomm pm660
22 Qualcomm pm660a
23 Qualcomm pm660l
24 Qualcomm pm8004
25 Qualcomm pm8005
26 Qualcomm pm8909
27 Qualcomm pm8916
28 Qualcomm pm8937
29 Qualcomm pm8952
30 Qualcomm pm8953
31 Qualcomm pm8956
32 Qualcomm pm8996
33 Qualcomm pm8998
34 Qualcomm pmd9607
35 Qualcomm pmd9635
36 Qualcomm pmd9645
37 Qualcomm pmd9655
38 Qualcomm pmi8937
39 Qualcomm pmi8952
40 Qualcomm pmi8994
41 Qualcomm pmi8996
42 Qualcomm pmi8998
43 Qualcomm pmk8001
44 Qualcomm pmm8996au
45 Qualcomm qat3514
46 Qualcomm qat3522
47 Qualcomm qat3550
48 Qualcomm qbt1000
49 Qualcomm qbt1500
50 Qualcomm qca6174
51 Qualcomm qca6174a
52 Qualcomm qca6310
53 Qualcomm qca6320
54 Qualcomm qca6564a
55 Qualcomm qca6564au
56 Qualcomm qca6574
57 Qualcomm qca6574a
58 Qualcomm qca6574au
59 Qualcomm qca6584
60 Qualcomm qca6584au
61 Qualcomm qet4100
62 Qualcomm qet4101
63 Qualcomm qet4200aq
64 Qualcomm qfe1040
65 Qualcomm qfe1045
66 Qualcomm qfe2340
67 Qualcomm qfe2550
68 Qualcomm qfe3100
69 Qualcomm qfe3320
70 Qualcomm qfe3335
71 Qualcomm qfe3345
72 Qualcomm qln1021aq
73 Qualcomm qln1030
74 Qualcomm qln1031
75 Qualcomm qln1036aq
76 Qualcomm qpa4340
77 Qualcomm qpa4360
78 Qualcomm qpa5460
79 Qualcomm qsw8573
80 Qualcomm qtc800h
81 Qualcomm qtc800s
82 Qualcomm qtc800t
83 Qualcomm rgr7640au
84 Qualcomm rsw8577
85 Qualcomm sd_636
86 Qualcomm sd205
87 Qualcomm sd210
88 Qualcomm sd660
89 Qualcomm sd820
90 Qualcomm sd821
91 Qualcomm sd835
92 Qualcomm sdm630
93 Qualcomm sdr660
94 Qualcomm sdw3100
95 Qualcomm smb1350
96 Qualcomm smb1351
97 Qualcomm smb1357
98 Qualcomm smb1358
99 Qualcomm smb1360
100 Qualcomm smb1380
101 Qualcomm smb231
102 Qualcomm wcd9306
103 Qualcomm wcd9326
104 Qualcomm wcd9330
105 Qualcomm wcd9335
106 Qualcomm wcd9340
107 Qualcomm wcd9341
108 Qualcomm wcn3610
109 Qualcomm wcn3615
110 Qualcomm wcn3620
111 Qualcomm wcn3660b
112 Qualcomm wcn3680b
113 Qualcomm wcn3980
114 Qualcomm wcn3990
115 Qualcomm wgr7640
116 Qualcomm wsa8810
117 Qualcomm wsa8815
118 Qualcomm wtr2955
119 Qualcomm wtr2965
120 Qualcomm wtr3905
121 Qualcomm wtr3925
122 Qualcomm wtr3950
123 Qualcomm wtr4905
124 Qualcomm wtr5975
125 Qualcomm csr6030
126 Qualcomm mdm9250
127 Qualcomm pmx20
128 Qualcomm qca9367
129 Qualcomm qca9377
130 Qualcomm qfe1035
131 Qualcomm sdw2500
132 Qualcomm sdx20
133 Qualcomm smb358s
134 Qualcomm sdx20m
135 Qualcomm mdm9626
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-11286.

URL Resource
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-11286 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-11286 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CWE Remap by [email protected]

    Jul. 21, 2021

    Action Type Old Value New Value
    Changed CWE CWE-476 CWE-119
  • Initial Analysis by [email protected]

    Feb. 26, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:P/I:P/A:P)
    Added CVSS V3.1 NIST AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin No Types Assigned https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin Patch, Vendor Advisory
    Added CWE NIST CWE-476
    Added CPE Configuration OR *cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:ar8151:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:csr6030:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9230:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9330:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9626:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9630:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm660:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm660a:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm660l:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8004:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8005:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8937:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8952:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8953:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8956:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8996:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pm8998:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmd9607:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmd9635:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmd9645:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmd9655:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmi8937:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmi8952:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmi8994:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmi8996:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmi8998:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmk8001:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmm8996au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:pmx20:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qat3514:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qat3522:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qat3550:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qbt1000:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qbt1500:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qet4100:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qet4200aq:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe1035:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe1040:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe1045:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe2340:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe2550:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe3100:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe3320:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe3335:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qfe3345:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qln1021aq:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qln1030:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qln1031:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qln1036aq:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qpa4340:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qpa4360:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qpa5460:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qsw8573:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qtc800h:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qtc800s:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:qtc800t:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:rgr7640au:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:rsw8577:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdr660:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdw2500:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdw3100:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1350:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1351:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1357:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1358:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb1380:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb231:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:smb358s:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr2955:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr3905:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr3950:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr4905:-:*:*:*:*:*:*:* *cpe:2.3:h:qualcomm:wtr5975:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.07 }} 0.01%

score

0.29398

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability