V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2020-11126
CVE
Critical

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute,…

CVSS
9.1
Critical
EPSS
0.01
p51
Published
2020-01-01
Updated
2020-01-01
Description

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Tags · CWE
RCEPre-auth
CWE-125
CAPEC-540
Affected products
Apq8096au_firmwareAqt1000_firmwareAr8031_firmwareAr8035_firmwareAr9380_firmwareCsr8811_firmwareCsra6620_firmwareCsra6640_firmwareIpq4018_firmwareIpq4028_firmwareIpq4029_firmwareIpq5010_firmwareIpq5018_firmwareIpq6000_firmwareIpq6005_firmwareIpq6010_firmwareIpq6018_firmwareIpq6028_firmwareIpq8064_firmwareIpq8069_firmware
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Timeline
2020-01-01
Published
2020-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: N
None (N)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.008 · p51
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Qualcomm
Wcd9380Wcd9380 FirmwareWsa8830Wsa8835Wcd9385Qca6574auWsa8830 FirmwareWsa8835 FirmwareWcd9385 FirmwareQca6574au Firmware+390
ProductVendorStatus
apq8096au_firmware*Tracked
aqt1000_firmware*Tracked
ar8031_firmware*Tracked
ar8035_firmware*Tracked
ar9380_firmware*Tracked
csr8811_firmware*Tracked
csra6620_firmware*Tracked
csra6640_firmware*Tracked
ipq4018_firmware*Tracked
ipq4028_firmware*Tracked
ipq4029_firmware*Tracked
ipq5010_firmware*Tracked
ipq5018_firmware*Tracked
ipq6000_firmware*Tracked
ipq6005_firmware*Tracked
ipq6010_firmware*Tracked
ipq6018_firmware*Tracked
ipq6028_firmware*Tracked
ipq8064_firmware*Tracked
ipq8069_firmware*Tracked
Showing first 20 of 391
Source databases
CVE