CVE-2020-11121

CVE Database · CVE-2020-11121

CVE-2020-11121

· HIGHModified

CVSS v3.1

7.8

EPSS

0.19%

Published

Nov 12, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120

Affected Products (62)

qualcomm · qcm4290_firmwarevulnerable

qualcomm · qcm4290

qualcomm · qcs4290_firmwarevulnerable

qualcomm · qcs4290

qualcomm · qm215_firmwarevulnerable

qualcomm · qm215

qualcomm · qsm8350_firmwarevulnerable

qualcomm · qsm8350

qualcomm · sa6145p_firmwarevulnerable

qualcomm · sa6145p

qualcomm · sa6155_firmwarevulnerable

· sa6155

References (2)

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs