← back
CVE-2020-11247

CVE-2020-11247

CVSS 8.2 HIGHEPSS 0.9%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.2EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Apr 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Affected products
Qualcomm, Inc. · Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin