CVE-2020-11201

{"id": "CVE-2020-11201", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-11-12T10:15:12.827", "references": [{"url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/", "tags": ["Third Party Advisory"], "source": "product-security@qualcomm.com"}, {"url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/", "tags": ["Exploit", "Third Party Advisory"], "source": "product-security@qualcomm.com"}, {"url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin", "tags": ["Broken Link", "Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}, {"lang": "es", "value": "Un acceso arbitrario a la memoria del DSP debido a una comprobaci\u00f3n incorrecta en la biblioteca cargada de los datos recibidos del lado de la CPU' en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile en QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}], "lastModified": "2021-12-30T13:52:12.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EEFADBF-D751-499B-80E5-C1069E129F18"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D327FBA1-69B5-467B-9B1B-A0380994D21B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda640_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C27515E-DAF6-4A67-8B21-6B4DF4C53772"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2510B0C4-B993-461E-8EE3-5D4C1D8D82BF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "022D7D87-F60F-4DD2-9E0B-A9DFD3D69B22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "37FA5777-1B35-4BD1-BB81-CB5DE62F3D56"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm640_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3294361E-8FCA-4CFB-B9EA-917BB374D8FE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC7EF791-678C-4A58-9129-EF731948C203"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm830_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24B381CC-06B4-49C8-A30A-1072AA33238D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm830:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "23CE52D0-DD13-4743-BEA1-F9AD7ABA7839"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DED4B719-53B5-4D16-B3FA-ADE29D28ED86"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D342C86B-E184-457C-9F72-BD853ED79425"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77FE5DEF-CB0F-459D-B5AA-9F45FE24AFD2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "657515D9-D609-4F76-9154-5ACC773A1C70"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6125_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE529BF7-0C9B-4B79-ABF8-54D5051F5E94"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6125:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "124227C1-DC7A-4A44-A513-C83976464BD3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ABE492A-3755-4969-9DEB-4B85EBB84644"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3D3787B-6ACC-4591-B041-01307ED66C36"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7125_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "055E464C-C63A-455E-97B0-0D8A266A428F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7125:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "527A0A00-0C6C-4937-87A3-00668CF7BACB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F63A748F-2236-4486-83F1-DE4BCBE5D56D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "184F3DFC-27E8-48AC-B46C-C589DBCBF030"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB0B9D41-F28E-4095-9A33-B24AB939A063"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80A48711-1DDF-4CC4-916D-CD44086EC7AB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8150p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80CEB8B9-7296-451F-B3B8-1C68392F0996"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8150p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A3C851A-205F-42FC-88D2-58C613EDDD41"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}