Vulnerability Name:

CVE-2020-11263 (CCN-216484)

Assigned:2020-03-31
Published:2021-12-06
Updated:2022-01-11
Summary:An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS v3 Severity:8.2 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.7 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-190
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-11263

Source: XF
Type: UNKNOWN
qualcomm-cve202011263-bo(216484)

Source: CCN
Type: Qualcomm Web site
December 2021 Security Bulletin

Source: CONFIRM
Type: Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Vulnerable Configuration:Configuration 1:
  • cpe:/o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:ar8035:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6390:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6391:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6426:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca6436:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca8337:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qca9984:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcm2290:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcm4290:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs2290:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs405:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs410:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs4290:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcs610:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qcx315:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qrb5165:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:qsm8250:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd460:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd480:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd662:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd675:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd678:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*

    • Configuration 25:
  • cpe:/o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd720g:-:*:*:*:*:*:*:*

    • Configuration 26:
  • cpe:/o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd730:-:*:*:*:*:*:*:*

    • Configuration 27:
  • cpe:/o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd750g:-:*:*:*:*:*:*:*

    • Configuration 28:
  • cpe:/o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd765:-:*:*:*:*:*:*:*

    • Configuration 29:
  • cpe:/o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd765g:-:*:*:*:*:*:*:*

    • Configuration 30:
  • cpe:/o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd768g:-:*:*:*:*:*:*:*

    • Configuration 31:
  • cpe:/o:qualcomm:sd7c_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd7c:-:*:*:*:*:*:*:*

    • Configuration 32:
  • cpe:/o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

    • Configuration 33:
  • cpe:/o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd870:-:*:*:*:*:*:*:*

    • Configuration 34:
  • cpe:/o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdx55:-:*:*:*:*:*:*:*

    • Configuration 35:
  • cpe:/o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

    • Configuration 36:
  • cpe:/o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*

    • Configuration 37:
  • cpe:/o:qualcomm:sm6225_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm6225:-:*:*:*:*:*:*:*

    • Configuration 38:
  • cpe:/o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm6250:-:*:*:*:*:*:*:*

    • Configuration 39:
  • cpe:/o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm6250p:-:*:*:*:*:*:*:*

    • Configuration 40:
  • cpe:/o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm6375:-:*:*:*:*:*:*:*

    • Configuration 41:
  • cpe:/o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

    • Configuration 42:
  • cpe:/o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

    • Configuration 43:
  • cpe:/o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

    • Configuration 44:
  • cpe:/o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

    • Configuration 45:
  • cpe:/o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

    • Configuration 46:
  • cpe:/o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

    • Configuration 47:
  • cpe:/o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3910:-:*:*:*:*:*:*:*

    • Configuration 48:
  • cpe:/o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

    • Configuration 49:
  • cpe:/o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

    • Configuration 50:
  • cpe:/o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

    • Configuration 51:
  • cpe:/o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

    • Configuration 52:
  • cpe:/o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

    • Configuration 53:
  • cpe:/o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

    • Configuration 54:
  • cpe:/o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn3999:-:*:*:*:*:*:*:*

    • Configuration 55:
  • cpe:/o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

    • Configuration 56:
  • cpe:/o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

    • Configuration 57:
  • cpe:/o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

    • Configuration 58:
  • cpe:/o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

    • Configuration 59:
  • cpe:/o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

    • Configuration 60:
  • cpe:/o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

    • Configuration 61:
  • cpe:/o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:qualcomm:sd_675:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_compute:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_connectivity:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_consumer_internet_of_things:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_industrial_internet_of_things:-:*:*:*:*:*:*:*
  • OR cpe:/o:qualcomm:snapdragon_wired_infrastructure_&_networking:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    qualcomm ar8035 firmware -
    qualcomm ar8035 -
    qualcomm qca6390 firmware -
    qualcomm qca6390 -
    qualcomm qca6391 firmware -
    qualcomm qca6391 -
    qualcomm qca6426 firmware -
    qualcomm qca6426 -
    qualcomm qca6436 firmware -
    qualcomm qca6436 -
    qualcomm qca8337 firmware -
    qualcomm qca8337 -
    qualcomm qca9984 firmware -
    qualcomm qca9984 -
    qualcomm qcm2290 firmware -
    qualcomm qcm2290 -
    qualcomm qcm4290 firmware -
    qualcomm qcm4290 -
    qualcomm qcs2290 firmware -
    qualcomm qcs2290 -
    qualcomm qcs405 firmware -
    qualcomm qcs405 -
    qualcomm qcs410 firmware -
    qualcomm qcs410 -
    qualcomm qcs4290 firmware -
    qualcomm qcs4290 -
    qualcomm qcs610 firmware -
    qualcomm qcs610 -
    qualcomm qcx315 firmware -
    qualcomm qcx315 -
    qualcomm qrb5165 firmware -
    qualcomm qrb5165 -
    qualcomm qrb5165n firmware -
    qualcomm qrb5165n -
    qualcomm qsm8250 firmware -
    qualcomm qsm8250 -
    qualcomm sd460 firmware -
    qualcomm sd460 -
    qualcomm sd480 firmware -
    qualcomm sd480 -
    qualcomm sd662 firmware -
    qualcomm sd662 -
    qualcomm sd675 firmware -
    qualcomm sd675 -
    qualcomm sd678 firmware -
    qualcomm sd678 -
    qualcomm sd690 5g firmware -
    qualcomm sd690 5g -
    qualcomm sd720g firmware -
    qualcomm sd720g -
    qualcomm sd730 firmware -
    qualcomm sd730 -
    qualcomm sd750g firmware -
    qualcomm sd750g -
    qualcomm sd765 firmware -
    qualcomm sd765 -
    qualcomm sd765g firmware -
    qualcomm sd765g -
    qualcomm sd768g firmware -
    qualcomm sd768g -
    qualcomm sd7c firmware -
    qualcomm sd7c -
    qualcomm sd865 5g firmware -
    qualcomm sd865 5g -
    qualcomm sd870 firmware -
    qualcomm sd870 -
    qualcomm sdx55 firmware -
    qualcomm sdx55 -
    qualcomm sdx55m firmware -
    qualcomm sdx55m -
    qualcomm sdxr2 5g firmware -
    qualcomm sdxr2 5g -
    qualcomm sm6225 firmware -
    qualcomm sm6225 -
    qualcomm sm6250 firmware -
    qualcomm sm6250 -
    qualcomm sm6250p firmware -
    qualcomm sm6250p -
    qualcomm sm6375 firmware -
    qualcomm sm6375 -
    qualcomm sm7250p firmware -
    qualcomm sm7250p -
    qualcomm wcd9341 firmware -
    qualcomm wcd9341 -
    qualcomm wcd9370 firmware -
    qualcomm wcd9370 -
    qualcomm wcd9375 firmware -
    qualcomm wcd9375 -
    qualcomm wcd9380 firmware -
    qualcomm wcd9380 -
    qualcomm wcd9385 firmware -
    qualcomm wcd9385 -
    qualcomm wcn3910 firmware -
    qualcomm wcn3910 -
    qualcomm wcn3950 firmware -
    qualcomm wcn3950 -
    qualcomm wcn3980 firmware -
    qualcomm wcn3980 -
    qualcomm wcn3988 firmware -
    qualcomm wcn3988 -
    qualcomm wcn3990 firmware -
    qualcomm wcn3990 -
    qualcomm wcn3991 firmware -
    qualcomm wcn3991 -
    qualcomm wcn3998 firmware -
    qualcomm wcn3998 -
    qualcomm wcn3999 firmware -
    qualcomm wcn3999 -
    qualcomm wcn6850 firmware -
    qualcomm wcn6850 -
    qualcomm wcn6851 firmware -
    qualcomm wcn6851 -
    qualcomm wsa8810 firmware -
    qualcomm wsa8810 -
    qualcomm wsa8815 firmware -
    qualcomm wsa8815 -
    qualcomm wsa8830 firmware -
    qualcomm wsa8830 -
    qualcomm wsa8835 firmware -
    qualcomm wsa8835 -
    qualcomm sd 675 firmware -
    qualcomm sd 675 -
    qualcomm snapdragon mobile -
    qualcomm snapdragon compute -
    qualcomm snapdragon connectivity -
    qualcomm snapdragon consumer internet of things -
    qualcomm snapdragon industrial internet of things -
    qualcomm snapdragon wired infrastructure & networking -