CVE-2020-11175

CVE Database · CVE-2020-11175

CVE-2020-11175

· HIGHModified

CVSS v3.1

7.8

EPSS

0.20%

Published

Nov 12, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416

Affected Products (62)

qualcomm · apq8009w_firmwarevulnerable

qualcomm · apq8009w

qualcomm · msm8909w_firmwarevulnerable

qualcomm · msm8909w

qualcomm · qcs605_firmwarevulnerable

qualcomm · qcs605

qualcomm · qm215_firmwarevulnerable

qualcomm · qm215

qualcomm · sa6155_firmwarevulnerable

qualcomm · sa6155

qualcomm · sa6155p_firmwarevulnerable

· sa6155p

References (2)

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs