VDB

CVE-2020-11125

CVE-2020-11125 PUBLISHED CVSS 7.800000190734863 HIGH

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

EPSS 0.04% · 13.5th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.04%
13.5th percentile

Affected Products

VendorProductVersions
qualcommmdm9150_firmware
qualcommsdm439_firmware
qualcommnicobar_firmware
qualcommsc8180x_firmware
qualcommmsm8953_firmware
qualcommipq8064_firmware
qualcommqcs404_firmware
qualcommsdm660_firmware
qualcommkamorta_firmware
qualcommqcs405_firmware
qualcommmsm8917_firmware
qualcommmdm9650_firmware
qualcommqrb5165_firmware
qualcommqm215_firmware
qualcommapq8009_firmware
qualcommsa415m_firmware
qualcommagatti_firmware
qualcommsm8150_firmware
qualcommsdm670_firmware
qualcommipq6018_firmware

…and 29 more

Exploit Intelligence

Timeline

  • Oct 6, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›