CVE-2020-11208

Beschreibung:
Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument‘ in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

CWE: CWE-191

CVSS-Bewertung
CVSS 2: HIGH – 7.2 (Version: 2.0)
CVSS 3: HIGH – 7.8 (Version: 3.1)

Links:

NVD – CVE-2020-11208
CVE – CVE-2020-11208

Link (max. 20) Quelle Tags
https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin CONFIRM Vendor Advisory Patch Third Party Advisory
https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/ MISC Third Party Advisory Vendor Advisory
https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/ MISC Third Party Advisory Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf CONFIRM Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf CONFIRM Mailing List Vendor Advisory
[oss-security] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi MLIST Mailing List Third Party Advisory
[announce] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi MLIST Mailing List Vendor Advisory
https://advisory.checkmarx.net/advisory/CX-2020-4284 MISC Exploit Third Party Advisory
[unomi-commits] 20210428 svn commit: r1889256 – in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2021-31164.txt MLIST Exploit Mailing List Vendor Advisory

Quelle: NVD – CVE-2020-11208
Datum Veröffentlichung: 2020-11-12T10:15Z, Datum letzte Änderung: 2021-05-10T13:15Z