CVE-2020-11172

CVE Database · CVE-2020-11172

CVE-2020-11172

· CRITICALModified

CVSS v3.1

9.8

EPSS

0.74%

Published

Nov 2, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120

Affected Products (12)

qualcomm · ipq4019_firmwarevulnerable

qualcomm · ipq4019

qualcomm · ipq6018_firmwarevulnerable

qualcomm · ipq6018

qualcomm · ipq8064_firmwarevulnerable

qualcomm · ipq8064

qualcomm · ipq8074_firmwarevulnerable

qualcomm · ipq8074

qualcomm · qca9531_firmwarevulnerable

qualcomm · qca9531

qualcomm · qca9980_firmwarevulnerable

· qca9980

References (3)

https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs