CVE-2020-11169

{"id": "CVE-2020-11169", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2020-11-02T07:15:13.997", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin", "tags": ["Broken Link"], "source": "product-security@qualcomm.com"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin", "tags": ["Vendor Advisory"], "source": "nvd@nist.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55"}, {"lang": "es", "value": "Una lectura excesiva del b\u00fafer mientras se procesa el paquete L2CAP recibido debido a una falta de comprobaci\u00f3n de desbordamiento de enteros en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking en versiones APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C61BF93F-53DF-4399-AF41-45CEC1E0A2B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B052615D-857A-46D4-9098-1CBFA14687C6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19B59B60-A298-4A56-A45A-E34B7AAB43D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4387DBE-67F7-4E95-A2B0-828211EBDC22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa415m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC798E06-0A2E-4DAD-81D1-9B2FAE6327C0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02A2DB6A-7137-4D3D-9D6E-B9B0D0376758"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa515m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5BE4F498-4C58-4DCC-B7D8-1B461177D083"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30A45C1A-C921-42B5-9237-367245023B45"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56C9D979-F214-4CD4-8CF9-43BC804BB179"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}