Vulnerability Name:

CVE-2020-11210 (CCN-199651)

Assigned:2020-03-31
Published:2021-04-05
Updated:2022-05-03
Summary:Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
8.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-787
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-11210

Source: XF
Type: UNKNOWN
qualcomm-cve202011210-code-exec(199651)

Source: CCN
Type: Qualcomm Web site
April 2021 Security Bulletin

Source: CONFIRM
Type: Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Vulnerable Configuration:Configuration 1:
  • cpe:/o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:ar8035:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:qualcomm:pm4125_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm4125:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:qualcomm:pm4250_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm4250:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:qualcomm:pm6125_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm6125:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:qualcomm:pm6150a_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm6150a:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:qualcomm:pm6150l_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm6150l:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:qualcomm:pm6350_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm6350:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:qualcomm:pm7250b_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm7250b:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:qualcomm:pm8008_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pm8008:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:qualcomm:pmd9655_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pmd9655:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:qualcomm:pmi632_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pmi632:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:qualcomm:pmk8003_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:pmk8003:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:qualcomm:qat3519_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat3519:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:qualcomm:qat3522_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat3522:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:qualcomm:qat3555_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat3555:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:qualcomm:qat5515_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat5515:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:qualcomm:qat5516_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qat5516:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6390:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca9984:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcm2290:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcm4290:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs2290:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs405:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs4290:-:*:*:*:*:*:*:*

    • Configuration 25:
  • cpe:/o:qualcomm:qdm2301_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qdm2301:-:*:*:*:*:*:*:*

    • Configuration 26:
  • cpe:/o:qualcomm:qdm2302_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qdm2302:-:*:*:*:*:*:*:*

    • Configuration 27:
  • cpe:/o:qualcomm:qet4101_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qet4101:-:*:*:*:*:*:*:*

    • Configuration 28:
  • cpe:/o:qualcomm:qet6105_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qet6105:-:*:*:*:*:*:*:*

    • Configuration 29:
  • cpe:/o:qualcomm:qpa4360_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qpa4360:-:*:*:*:*:*:*:*

    • Configuration 30:
  • cpe:/o:qualcomm:qpa4361_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qpa4361:-:*:*:*:*:*:*:*

    • Configuration 31:
  • cpe:/o:qualcomm:qpa6560_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qpa6560:-:*:*:*:*:*:*:*

    • Configuration 32:
  • cpe:/o:qualcomm:qpa8673_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qpa8673:-:*:*:*:*:*:*:*

    • Configuration 33:
  • cpe:/o:qualcomm:qsw6310_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qsw6310:-:*:*:*:*:*:*:*

    • Configuration 34:
  • cpe:/o:qualcomm:qsw8573_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qsw8573:-:*:*:*:*:*:*:*

    • Configuration 35:
  • cpe:/o:qualcomm:qsw8574_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qsw8574:-:*:*:*:*:*:*:*

    • Configuration 36:
  • cpe:/o:qualcomm:qtc410s_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qtc410s:-:*:*:*:*:*:*:*

    • Configuration 37:
  • cpe:/o:qualcomm:qtm525_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qtm525:-:*:*:*:*:*:*:*

    • Configuration 38:
  • cpe:/o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd460:-:*:*:*:*:*:*:*

    • Configuration 39:
  • cpe:/o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd480:-:*:*:*:*:*:*:*

    • Configuration 40:
  • cpe:/o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd662:-:*:*:*:*:*:*:*

    • Configuration 41:
  • cpe:/o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd665:-:*:*:*:*:*:*:*

    • Configuration 42:
  • cpe:/o:qualcomm:sdr425_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdr425:-:*:*:*:*:*:*:*

    • Configuration 43:
  • cpe:/o:qualcomm:sdr660_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdr660:-:*:*:*:*:*:*:*

    • Configuration 44:
  • cpe:/o:qualcomm:sdr735_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdr735:-:*:*:*:*:*:*:*

    • Configuration 45:
  • cpe:/o:qualcomm:sdr735g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdr735g:-:*:*:*:*:*:*:*

    • Configuration 46:
  • cpe:/o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm4125:-:*:*:*:*:*:*:*

    • Configuration 47:
  • cpe:/o:qualcomm:smb1351_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1351:-:*:*:*:*:*:*:*

    • Configuration 48:
  • cpe:/o:qualcomm:smb1354_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1354:-:*:*:*:*:*:*:*

    • Configuration 49:
  • cpe:/o:qualcomm:smb1355_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1355:-:*:*:*:*:*:*:*

    • Configuration 50:
  • cpe:/o:qualcomm:smb1396_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smb1396:-:*:*:*:*:*:*:*

    • Configuration 51:
  • cpe:/o:qualcomm:smr526_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:smr526:-:*:*:*:*:*:*:*

    • Configuration 52:
  • cpe:/o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

    • Configuration 53:
  • cpe:/o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

    • Configuration 54:
  • cpe:/o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

    • Configuration 55:
  • cpe:/o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3910:-:*:*:*:*:*:*:*

    • Configuration 56:
  • cpe:/o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

    • Configuration 57:
  • cpe:/o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

    • Configuration 58:
  • cpe:/o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

    • Configuration 59:
  • cpe:/o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

    • Configuration 60:
  • cpe:/o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

    • Configuration 61:
  • cpe:/o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

    • Configuration 62:
  • cpe:/o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

    • Configuration 63:
  • cpe:/o:qualcomm:wgr7640_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wgr7640:-:*:*:*:*:*:*:*

    • Configuration 64:
  • cpe:/o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

    • Configuration 65:
  • cpe:/o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

    • Configuration 66:
  • cpe:/o:qualcomm:wtr2965_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wtr2965:-:*:*:*:*:*:*:*

    • Configuration 67:
  • cpe:/o:qualcomm:wtr3925_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wtr3925:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_connectivity:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_industrial_internet_of_things:-:*:*:*:*:*:*:*
  • OR cpe:/o:qualcomm:snapdragon_wired_infrastructure_&_networking:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    qualcomm ar8035 firmware -
    qualcomm ar8035 -
    qualcomm pm4125 firmware -
    qualcomm pm4125 -
    qualcomm pm4250 firmware -
    qualcomm pm4250 -
    qualcomm pm6125 firmware -
    qualcomm pm6125 -
    qualcomm pm6150a firmware -
    qualcomm pm6150a -
    qualcomm pm6150l firmware -
    qualcomm pm6150l -
    qualcomm pm6350 firmware -
    qualcomm pm6350 -
    qualcomm pm7250b firmware -
    qualcomm pm7250b -
    qualcomm pm8008 firmware -
    qualcomm pm8008 -
    qualcomm pmd9655 firmware -
    qualcomm pmd9655 -
    qualcomm pmi632 firmware -
    qualcomm pmi632 -
    qualcomm pmk8003 firmware -
    qualcomm pmk8003 -
    qualcomm qat3519 firmware -
    qualcomm qat3519 -
    qualcomm qat3522 firmware -
    qualcomm qat3522 -
    qualcomm qat3555 firmware -
    qualcomm qat3555 -
    qualcomm qat5515 firmware -
    qualcomm qat5515 -
    qualcomm qat5516 firmware -
    qualcomm qat5516 -
    qualcomm qca6390 firmware -
    qualcomm qca6390 -
    qualcomm qca9984 firmware -
    qualcomm qca9984 -
    qualcomm qcm2290 firmware -
    qualcomm qcm2290 -
    qualcomm qcm4290 firmware -
    qualcomm qcm4290 -
    qualcomm qcs2290 firmware -
    qualcomm qcs2290 -
    qualcomm qcs405 firmware -
    qualcomm qcs405 -
    qualcomm qcs4290 firmware -
    qualcomm qcs4290 -
    qualcomm qdm2301 firmware -
    qualcomm qdm2301 -
    qualcomm qdm2302 firmware -
    qualcomm qdm2302 -
    qualcomm qet4101 firmware -
    qualcomm qet4101 -
    qualcomm qet6105 firmware -
    qualcomm qet6105 -
    qualcomm qpa4360 firmware -
    qualcomm qpa4360 -
    qualcomm qpa4361 firmware -
    qualcomm qpa4361 -
    qualcomm qpa6560 firmware -
    qualcomm qpa6560 -
    qualcomm qpa8673 firmware -
    qualcomm qpa8673 -
    qualcomm qsw6310 firmware -
    qualcomm qsw6310 -
    qualcomm qsw8573 firmware -
    qualcomm qsw8573 -
    qualcomm qsw8574 firmware -
    qualcomm qsw8574 -
    qualcomm qtc410s firmware -
    qualcomm qtc410s -
    qualcomm qtm525 firmware -
    qualcomm qtm525 -
    qualcomm sd460 firmware -
    qualcomm sd460 -
    qualcomm sd480 firmware -
    qualcomm sd480 -
    qualcomm sd662 firmware -
    qualcomm sd662 -
    qualcomm sd665 firmware -
    qualcomm sd665 -
    qualcomm sdr425 firmware -
    qualcomm sdr425 -
    qualcomm sdr660 firmware -
    qualcomm sdr660 -
    qualcomm sdr735 firmware -
    qualcomm sdr735 -
    qualcomm sdr735g firmware -
    qualcomm sdr735g -
    qualcomm sm4125 firmware -
    qualcomm sm4125 -
    qualcomm smb1351 firmware -
    qualcomm smb1351 -
    qualcomm smb1354 firmware -
    qualcomm smb1354 -
    qualcomm smb1355 firmware -
    qualcomm smb1355 -
    qualcomm smb1396 firmware -
    qualcomm smb1396 -
    qualcomm smr526 firmware -
    qualcomm smr526 -
    qualcomm wcd9370 firmware -
    qualcomm wcd9370 -
    qualcomm wcd9375 firmware -
    qualcomm wcd9375 -
    qualcomm wcd9385 firmware -
    qualcomm wcd9385 -
    qualcomm wcn3910 firmware -
    qualcomm wcn3910 -
    qualcomm wcn3950 firmware -
    qualcomm wcn3950 -
    qualcomm wcn3980 firmware -
    qualcomm wcn3980 -
    qualcomm wcn3988 firmware -
    qualcomm wcn3988 -
    qualcomm wcn3991 firmware -
    qualcomm wcn3991 -
    qualcomm wcn3998 firmware -
    qualcomm wcn3998 -
    qualcomm wcn3999 firmware -
    qualcomm wcn3999 -
    qualcomm wcn6850 firmware -
    qualcomm wcn6850 -
    qualcomm wgr7640 firmware -
    qualcomm wgr7640 -
    qualcomm wsa8810 firmware -
    qualcomm wsa8810 -
    qualcomm wsa8815 firmware -
    qualcomm wsa8815 -
    qualcomm wtr2965 firmware -
    qualcomm wtr2965 -
    qualcomm wtr3925 firmware -
    qualcomm wtr3925 -
    qualcomm snapdragon mobile -
    qualcomm snapdragon connectivity -
    qualcomm snapdragon industrial internet of things -
    qualcomm snapdragon wired infrastructure & networking -