CVE-2020-11273

CVE Database · CVE-2020-11273

CVE-2020-11273

· HIGHModified

CVSS v3.1

7.5

EPSS

0.69%

Published

May 7, 2021

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Histogram type KPI was teardown with the assumption of the existence of histogram binning info and will lead to null pointer access when histogram binning info is missing due to lack of null check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-476

Affected Products (356)

qualcomm · csrb31024_firmwarevulnerable

qualcomm · csrb31024

qualcomm · pm3003a_firmwarevulnerable

qualcomm · pm3003a

qualcomm · pm6150a_firmwarevulnerable

qualcomm · pm6150a

qualcomm · pm6150l_firmwarevulnerable

qualcomm · pm6150l

qualcomm · pm6350_firmwarevulnerable

qualcomm · pm6350

qualcomm · pm7150a_firmwarevulnerable

· pm7150a

References (2)

https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs