{"containers": {"cna": {"affected": [{"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}], "problemTypes": [{"descriptions": [{"description": "Improper Input Validation in Video", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-10T12:13:14", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"}, {"tags": ["x_refsource_MISC"], "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2020-11202", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile", "version": {"version_data": [{"version_value": "QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}]}}]}, "vendor_name": "Qualcomm, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Input Validation in Video"}]}]}, "references": {"reference_data": [{"name": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/", "refsource": "MISC", "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"}, {"name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"}, {"name": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/", "refsource": "MISC", "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}]}}}}, "cveMetadata": {"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2020-11202", "datePublished": "2020-11-12T10:00:56", "dateReserved": "2020-03-31T00:00:00", "dateUpdated": "2021-05-10T12:13:14", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EEFADBF-D751-499B-80E5-C1069E129F18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*", "matchCriteriaId": "D327FBA1-69B5-467B-9B1B-A0380994D21B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda640_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C27515E-DAF6-4A67-8B21-6B4DF4C53772", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda640:-:*:*:*:*:*:*:*", "matchCriteriaId": "2510B0C4-B993-461E-8EE3-5D4C1D8D82BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda670_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "067C0E1E-469C-43C3-B73A-9632C1E5D21A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda670:-:*:*:*:*:*:*:*", "matchCriteriaId": "931D0055-A0C7-48FA-9F4E-0744B62C7CFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "022D7D87-F60F-4DD2-9E0B-A9DFD3D69B22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*", "matchCriteriaId": "37FA5777-1B35-4BD1-BB81-CB5DE62F3D56", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm640_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3294361E-8FCA-4CFB-B9EA-917BB374D8FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm640:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7EF791-678C-4A58-9129-EF731948C203", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "00865826-86AE-425F-BE6F-162F611FB200", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CC0441C-C30B-4D99-9BAD-C1E4387302BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D045BE4B-BC19-4A51-90E6-00C18389C81B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F006960-CDE3-4E74-B4F0-2C4B2CA93959", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm830_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "24B381CC-06B4-49C8-A30A-1072AA33238D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm830:-:*:*:*:*:*:*:*", "matchCriteriaId": "23CE52D0-DD13-4743-BEA1-F9AD7ABA7839", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DED4B719-53B5-4D16-B3FA-ADE29D28ED86", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*", "matchCriteriaId": "D342C86B-E184-457C-9F72-BD853ED79425", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77FE5DEF-CB0F-459D-B5AA-9F45FE24AFD2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*", "matchCriteriaId": "657515D9-D609-4F76-9154-5ACC773A1C70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6125_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE529BF7-0C9B-4B79-ABF8-54D5051F5E94", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6125:-:*:*:*:*:*:*:*", "matchCriteriaId": "124227C1-DC7A-4A44-A513-C83976464BD3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ABE492A-3755-4969-9DEB-4B85EBB84644", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3D3787B-6ACC-4591-B041-01307ED66C36", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6150p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "252C1977-CB0B-4E87-A419-0483A638D90E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6150p:-:*:*:*:*:*:*:*", "matchCriteriaId": "50ACCEEC-C464-4873-A997-8366AA40B8C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7125_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "055E464C-C63A-455E-97B0-0D8A266A428F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7125:-:*:*:*:*:*:*:*", "matchCriteriaId": "527A0A00-0C6C-4937-87A3-00668CF7BACB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63A748F-2236-4486-83F1-DE4BCBE5D56D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*", "matchCriteriaId": "184F3DFC-27E8-48AC-B46C-C589DBCBF030", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm7150p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB0B9D41-F28E-4095-9A33-B24AB939A063", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm7150p:-:*:*:*:*:*:*:*", "matchCriteriaId": "80A48711-1DDF-4CC4-916D-CD44086EC7AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sm8150p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "80CEB8B9-7296-451F-B3B8-1C68392F0996", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sm8150p:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A3C851A-205F-42FC-88D2-58C613EDDD41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}, {"lang": "es", "value": "Un desbordamiento y subdesbordamiento del b\u00fafer se produce al encasillar el b\u00fafer pasado por la CPU internamente en la biblioteca que no est\u00e1 alineado con el tama\u00f1o real de la estructura' en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile en QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P"}], "id": "CVE-2020-11202", "lastModified": "2021-12-22T21:06:35.463", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-12T10:15:12.890", "references": [{"source": "product-security@qualcomm.com", "tags": ["Third Party Advisory"], "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"}, {"source": "product-security@qualcomm.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}, {"source": "product-security@qualcomm.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}