Vulnerability Name:

CVE-2020-11268 (CCN-201469)

Assigned:2020-03-31
Published:2021-05-03
Updated:2021-05-14
Summary:Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2020-11268

Source: XF
Type: UNKNOWN
qualcomm-cve202011268-dos(201469)

Source: CCN
Type: Qualcomm Web site
May 2021 Security Bulletin

Source: CONFIRM
Type: Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

Vulnerable Configuration:Configuration 1:
  • cpe:/h:qualcomm:apq8009:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:apq8016:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:apq8074:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:apq8084:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:apq8094:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:ar6003:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm8215:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm8215m:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm8615m:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9215:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9235m:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9310:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9615:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9645:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8974:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8939:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8108:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8208:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8209:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8608:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8994:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8018:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8909:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8916:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9615m:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8916:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8929:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:mdm9609:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8216:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8274:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8674:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:msm8974p:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8841:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8941:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qca6584:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:sd210:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qca6174:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcd9330:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pmd9645:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pmi8994:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1040:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2101:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2340:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2550:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe3100:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe3320:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:smb1360:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3610:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wgr7640:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr1605:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr2955:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr3925:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pmd9635:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qca1990:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1045:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1100:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2330:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2520:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe3335:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe3340:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe3345:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcd9306:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3620:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3660:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3660a:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wcn3680:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wfr1620:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr1605l:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr1625:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr1625l:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr2605:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1035:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:pm8994:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2310:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2320:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1101:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1520:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe1550:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:qfe2720:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr4605:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:wtr4905:-:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:*
  • OR cpe:/h:qualcomm:snapdragon_auto:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    qualcomm apq8009 -
    qualcomm apq8016 -
    qualcomm apq8074 -
    qualcomm apq8084 -
    qualcomm apq8094 -
    qualcomm ar6003 -
    qualcomm mdm8215 -
    qualcomm mdm8215m -
    qualcomm mdm8615m -
    qualcomm mdm9215 -
    qualcomm mdm9235m -
    qualcomm mdm9310 -
    qualcomm mdm9635m -
    qualcomm mdm9615 -
    qualcomm mdm9640 -
    qualcomm mdm9645 -
    qualcomm msm8974 -
    qualcomm msm8939 -
    qualcomm msm8108 -
    qualcomm msm8208 -
    qualcomm msm8209 -
    qualcomm msm8608 -
    qualcomm msm8994 -
    qualcomm pm8018 -
    qualcomm pm8909 -
    qualcomm pm8916 -
    qualcomm mdm9615m -
    qualcomm msm8916 -
    qualcomm msm8929 -
    qualcomm mdm9609 -
    qualcomm msm8216 -
    qualcomm msm8274 -
    qualcomm msm8674 -
    qualcomm msm8974p -
    qualcomm pm8841 -
    qualcomm pm8941 -
    qualcomm qca6174a -
    qualcomm qca6584 -
    qualcomm sd210 -
    qualcomm qca6174 -
    qualcomm wcd9330 -
    qualcomm pmd9645 -
    qualcomm pmi8994 -
    qualcomm qfe1040 -
    qualcomm qfe2101 -
    qualcomm qfe2340 -
    qualcomm qfe2550 -
    qualcomm qfe3100 -
    qualcomm qfe3320 -
    qualcomm smb1360 -
    qualcomm wcn3610 -
    qualcomm wcn3660b -
    qualcomm wcn3680b -
    qualcomm wgr7640 -
    qualcomm wtr1605 -
    qualcomm wtr2955 -
    qualcomm wtr3925 -
    qualcomm pmd9635 -
    qualcomm qca1990 -
    qualcomm qfe1045 -
    qualcomm qfe1100 -
    qualcomm qfe2330 -
    qualcomm qfe2520 -
    qualcomm qfe3335 -
    qualcomm qfe3340 -
    qualcomm qfe3345 -
    qualcomm wcd9306 -
    qualcomm wcn3620 -
    qualcomm wcn3660 -
    qualcomm wcn3660a -
    qualcomm wcn3680 -
    qualcomm wfr1620 -
    qualcomm wtr1605l -
    qualcomm wtr1625 -
    qualcomm wtr1625l -
    qualcomm wtr2605 -
    qualcomm qfe1035 -
    qualcomm pm8994 -
    qualcomm qfe2310 -
    qualcomm qfe2320 -
    qualcomm qfe1101 -
    qualcomm qfe1520 -
    qualcomm qfe1550 -
    qualcomm qfe2720 -
    qualcomm wtr4605 -
    qualcomm wtr4905 -
    qualcomm snapdragon mobile -
    qualcomm snapdragon auto -