ID

VAR-202102-0111


CVE

CVE-2020-11203


TITLE

plural  Qualcomm  Out-of-bounds write vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2020-016177

DESCRIPTION

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to out-of-bounds writing.Information is obtained and denial of service (DoS) It may be put into a state

Trust: 1.62

sources: NVD: CVE-2020-11203 // JVNDB: JVNDB-2020-016177

AFFECTED PRODUCTS

vendor:qualcommmodel:qca6564scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8005scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qdm2301scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3518scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmw3100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3555scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw8573scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb231scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm640pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smr526scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm8155auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmk8002scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3522scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa4360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm640lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr865scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr2955scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc800hscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm640ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm6150ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw8574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:rgr7640auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat5516scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc410sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr5975scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmr735ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm6150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc801sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8916scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm670lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8009scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr051scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi8998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat5515scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa4361scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8008scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1355scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr2965scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtm527scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qdm2302scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm855auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3550scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3519scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm8195auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa5460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtm525scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm6155auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wgr7640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm456scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm6150lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr4905scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr660gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw3100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet4101scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc800sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qbt1500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr8150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr3925scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1381scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8064auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa6560scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmx50scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qbt2000scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:pm6125scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8909wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8064auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:pm215scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:pm456scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:pm6150scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-016177 // NVD: CVE-2020-11203

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-11203
value: HIGH

Trust: 1.0

NVD: CVE-2020-11203
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202102-040
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-11203
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2020-11203
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2020-11203
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2020-016177 // CNNVD: CNNVD-202102-040 // NVD: CVE-2020-11203

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-016177 // NVD: CVE-2020-11203

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-040

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202102-040

PATCH

title:February 2021 Security Bulletinurl:https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Trust: 0.8

title:Qualcomm RIL Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=143128

Trust: 0.6

sources: JVNDB: JVNDB-2020-016177 // CNNVD: CNNVD-202102-040

EXTERNAL IDS

db:NVDid:CVE-2020-11203

Trust: 2.4

db:JVNDBid:JVNDB-2020-016177

Trust: 0.8

db:CNNVDid:CNNVD-202102-040

Trust: 0.6

sources: JVNDB: JVNDB-2020-016177 // CNNVD: CNNVD-202102-040 // NVD: CVE-2020-11203

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-11203

Trust: 1.4

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2021-34454

Trust: 0.6

sources: JVNDB: JVNDB-2020-016177 // CNNVD: CNNVD-202102-040 // NVD: CVE-2020-11203

SOURCES

db:JVNDBid:JVNDB-2020-016177
db:CNNVDid:CNNVD-202102-040
db:NVDid:CVE-2020-11203

LAST UPDATE DATE

2024-08-14T14:56:05.097000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2020-016177date:2021-11-11T09:04:00
db:CNNVDid:CNNVD-202102-040date:2021-03-02T00:00:00
db:NVDid:CVE-2020-11203date:2021-03-01T16:01:31.900

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2020-016177date:2021-11-11T00:00:00
db:CNNVDid:CNNVD-202102-040date:2021-02-01T00:00:00
db:NVDid:CVE-2020-11203date:2021-02-22T07:15:13.970