CVE-2020-11208

May 10, 2021

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument’ in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

Summary:

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument’ in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

Reference Links(if available):

  • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
  • https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/
  • https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/

  • CVSS Score (if available)

    v2: / HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • You may have missed

    news

    Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

    November 15, 2024
    news

    Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

    November 15, 2024
    news

    API Security Threats: 83% of Companies Experience Security Incidents

    November 15, 2024
    news

    Microsoft Power Pages: Misconfiguration Risks and Data Exposure

    November 15, 2024
    news

    Telecom Hack Exposes US Officials: Chinese Espionage Campaign Unveiled

    November 15, 2024