CVE-2020-11187

Published: Feb 22, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

Affected (98)

Products: Qualcomm: Aqt1000 Firmware, Csrb31024 Firmware, Pm7150a Firmware, Pm7150l Firmware, Pm7250 Firmware, Pm7250b Firmware, Pm8004 Firmware, Pm8008 Firmware, Pm855 Firmware, Pm855b Firmware, Pm855l Firmware, Pm855p Firmware, Pmk8002 Firmware, Pmx24 Firmware, Pmx50 Firmware, Pmx55 Firmware, Qat3516 Firmware, Qat3518 Firmware, Qat3519 Firmware, Qat3555 Firmware, Qat5515 Firmware, Qat5522 Firmware, Qat5533 Firmware, Qbt2000 Firmware, Qca6391 Firmware, Qca6564au Firmware, Qca6574a Firmware, Qca6574au Firmware, Qca6584au Firmware, Qca6595au Firmware, Qca6696 Firmware, Qca8337 Firmware, Qdm2301 Firmware, Qdm2305 Firmware, Qdm3301 Firmware, Qdm5620 Firmware, Qdm5621 Firmware, Qdm5650 Firmware, Qdm5652 Firmware, Qdm5670 Firmware, Qdm5671 Firmware, Qdm5677 Firmware, Qdm5679 Firmware, Qet4101 Firmware, Qet5100 Firmware, Qet6110 Firmware, Qln1021aq Firmware, Qln1031 Firmware, Qln1036aq Firmware, Qln4642 Firmware, Qln4650 Firmware, Qln5020 Firmware, Qln5030 Firmware, Qln5040 Firmware, Qpa2625 Firmware, Qpa5580 Firmware, Qpa6560 Firmware, Qpa8673 Firmware, Qpa8686 Firmware, Qpa8801 Firmware, Qpa8802 Firmware, Qpa8803 Firmware, Qpa8821 Firmware, Qpa8842 Firmware, Qpm5621 Firmware, Qpm5658 Firmware, Qpm5670 Firmware, Qpm5677 Firmware, Qpm5679 Firmware, Qpm6582 Firmware, Qpm6585 Firmware, Qpm8830 Firmware, Qpm8895 Firmware, Qtc801s Firmware, Qtm525 Firmware, Qtm527 Firmware, Sa415m Firmware, Sd765 Firmware, Sd765g Firmware, Sd768g Firmware, Sdr051 Firmware, Sdr052 Firmware, Sdr8150 Firmware, Sdr865 Firmware, Sdx50m Firmware, Sdx55 Firmware, Sm7250p Firmware, Smb1355 Firmware, Smb1390 Firmware, Smr525 Firmware, Smr526 Firmware, Wcd9341 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcn3991 Firmware, Wcn3998 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

98 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Aqt1000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Aqt1000	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Csrb31024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Csrb31024	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm7150a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm7150a	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm7150l Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm7150l	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm7250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm7250	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm7250b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm7250b	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8004 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8004	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8008 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8008	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm855 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm855	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm855b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm855b	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm855l Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm855l	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm855p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm855p	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmk8002 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmk8002	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmx24 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmx24	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmx50 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmx50	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmx55	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat3516 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat3516	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat3518 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat3518	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat3519 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat3519	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat3555 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat3555	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat5515 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat5515	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat5522 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat5522	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qat5533 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qat5533	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qbt2000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qbt2000	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6564au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6564au	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574a	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6584au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6584au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6595au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6595au	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6696 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6696	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm2301 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm2301	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm2305 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm2305	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm3301 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm3301	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5620	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5621 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5621	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5650	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5652 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5652	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5670 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5670	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5671 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5671	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5677 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5677	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdm5679 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdm5679	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qet4101 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qet4101	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qet5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qet5100	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qet6110 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qet6110	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln1021aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln1021aq	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln1031 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln1031	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln1036aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln1036aq	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln4642 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln4642	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln4650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln4650	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln5020 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln5020	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln5030 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln5030	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qln5040 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qln5040	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa2625 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa2625	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa5580 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa5580	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa6560 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa6560	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8673 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8673	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8686 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8686	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8801 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8801	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8802 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8802	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8803 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8803	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8821 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8821	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpa8842 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpa8842	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm5621 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm5621	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm5658 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm5658	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm5670 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm5670	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm5677 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm5677	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm5679 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm5679	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm6582 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm6582	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm6585 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm6585	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm8830	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qpm8895 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qpm8895	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qtc801s Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qtc801s	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qtm525 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qtm525	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qtm527 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qtm527	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa415m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa415m	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd765 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd765	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd765g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd765g	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd768g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd768g	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr051 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr051	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr052 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr052	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr8150 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr8150	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr865 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr865	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx50m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx50m	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7250p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7250p	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smb1355 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smb1355	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smb1390 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smb1390	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smr525 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smr525	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smr526 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smr526	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3991 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3991	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3998	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.