Vulnerabilities

CVE-2020-11177

February 26, 2021

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Summary:

Reference Links(if available):

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

[RHYSIDA] – Ransomware Victim: American Addiction Centers

November 16, 2024

[LYNX] – Ransomware Victim: Grupo_Trisan

November 16, 2024

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

November 16, 2024

CISA

CISA: CISA Releases One Industrial Control Systems Advisory

November 16, 2024

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 16, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

[RHYSIDA] – Ransomware Victim: American Addiction Centers

[LYNX] – Ransomware Victim: Grupo_Trisan

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Adds One Known Exploited Vulnerability to Catalog