Vulnerabilites related to Qualcomm, Inc. - Snapdragon Industrial IOT, Snapdragon Mobile
cve-2021-35070
Vulnerability from cvelistv5
Published
2022-06-14 10:11
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm, Inc. | Snapdragon Industrial IOT, Snapdragon Mobile |
Version: QCM6125, QCS6125, SD665, WCD9370, WCD9375, WCN3950, WCN3980, WSA8810, WSA8815 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:51.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "QCM6125, QCS6125, SD665, WCD9370, WCD9375, WCN3950, WCN3980, WSA8810, WSA8815"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Exposure in Kernel",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-14T10:11:12",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2021-35070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Industrial IOT, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "QCM6125, QCS6125, SD665, WCD9370, WCD9375, WCN3950, WCN3980, WSA8810, WSA8815"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile"
}
]
},
"impact": {
"cvss": {
"baseScore": 6.5,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure in Kernel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2021-35070",
"datePublished": "2022-06-14T10:11:12",
"dateReserved": "2021-06-21T00:00:00",
"dateUpdated": "2024-08-04T00:33:51.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-14092
Vulnerability from cvelistv5
Published
2020-06-22 07:10
Modified
2024-08-05 00:12
Severity ?
EPSS score ?
Summary
System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm, Inc. | Snapdragon Industrial IOT, Snapdragon Mobile |
Version: MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:12:43.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Exposure Issue in Telephony",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-22T07:10:37",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2019-14092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Industrial IOT, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure Issue in Telephony"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2019-14092",
"datePublished": "2020-06-22T07:10:37",
"dateReserved": "2019-07-19T00:00:00",
"dateUpdated": "2024-08-05T00:12:43.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35087
Vulnerability from cvelistv5
Published
2022-06-14 09:50
Modified
2024-08-04 00:33
Severity ?
EPSS score ?
Summary
Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm, Inc. | Snapdragon Industrial IOT, Snapdragon Mobile |
Version: AR8035, QCA6390, QCA6391, QCA8081, QCA8337, QCM6490, QCS6490, SD 8 Gen1 5G, SD480, SD690 5G, SD695, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDX65, SM7250P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:33:50.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035, QCA6390, QCA6391, QCA8081, QCA8337, QCM6490, QCS6490, SD 8 Gen1 5G, SD480, SD690 5G, SD695, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDX65, SM7250P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation in Modem",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-14T09:50:58",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2021-35087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Industrial IOT, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "AR8035, QCA6390, QCA6391, QCA8081, QCA8337, QCM6490, QCS6490, SD 8 Gen1 5G, SD480, SD690 5G, SD695, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDX65, SM7250P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile"
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation in Modem"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2021-35087",
"datePublished": "2022-06-14T09:50:58",
"dateReserved": "2021-06-21T00:00:00",
"dateUpdated": "2024-08-04T00:33:50.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-14105
Vulnerability from cvelistv5
Published
2020-04-16 10:46
Modified
2024-08-05 00:12
Severity ?
EPSS score ?
Summary
Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm, Inc. | Snapdragon Industrial IOT, Snapdragon Mobile |
Version: SDA845, SDM845, SM8150 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:12:42.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "SDA845, SDM845, SM8150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack Based Buffer Overflow in Camera",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T10:46:14",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2019-14105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Industrial IOT, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "SDA845, SDM845, SM8150"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack Based Buffer Overflow in Camera"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2019-14105",
"datePublished": "2020-04-16T10:46:14",
"dateReserved": "2019-07-19T00:00:00",
"dateUpdated": "2024-08-05T00:12:42.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-11242
Vulnerability from cvelistv5
Published
2021-04-07 07:55
Modified
2024-08-04 11:28
Severity ?
EPSS score ?
Summary
User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Qualcomm, Inc. | Snapdragon Industrial IOT, Snapdragon Mobile |
Version: PM660, PM660A, PM660L, PM855A, PMM855AU, QAT3514, QAT3522, QAT3550, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QET4100, QET4101, QET4200AQ, QLN1021AQ, QLN1031, QLN1036AQ, QPA4340, QPA4360, QPA5460, QTC800H, QTC800S, RSW8577, SD 455, SD 636, SD660, SDM630, SDR660, SMB1351, WCD9335, WCD9340, WCD9341, WCN3950, WCN3980, WCN3990 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Industrial IOT, Snapdragon Mobile",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "PM660, PM660A, PM660L, PM855A, PMM855AU, QAT3514, QAT3522, QAT3550, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QET4100, QET4101, QET4200AQ, QLN1021AQ, QLN1031, QLN1036AQ, QPA4340, QPA4360, QPA5460, QTC800H, QTC800S, RSW8577, SD 455, SD 636, SD660, SDM630, SDR660, SMB1351, WCD9335, WCD9340, WCD9341, WCN3950, WCN3980, WCN3990"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Out-of-Range Pointer Offset in Core",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-07T07:55:31",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2020-11242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Industrial IOT, Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "PM660, PM660A, PM660L, PM855A, PMM855AU, QAT3514, QAT3522, QAT3550, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QET4100, QET4101, QET4200AQ, QLN1021AQ, QLN1031, QLN1036AQ, QPA4340, QPA4360, QPA5460, QTC800H, QTC800S, RSW8577, SD 455, SD 636, SD660, SDM630, SDR660, SMB1351, WCD9335, WCD9340, WCD9341, WCN3950, WCN3980, WCN3990"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile"
}
]
},
"impact": {
"cvss": {
"baseScore": "8.4",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Out-of-Range Pointer Offset in Core"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2020-11242",
"datePublished": "2021-04-07T07:55:31",
"dateReserved": "2020-03-31T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}