CVE-2020-11134
Last modified
CVE-2020-11134 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking. EPSS estimates a 0.80% chance of exploitation in the next 30 days.
Description
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | All versions |
| Qualcomm | Ar8031 Firmware | All versions |
| Qualcomm | Ar8035 Firmware | All versions |
| Qualcomm | Csr8811 Firmware | All versions |
| Qualcomm | Csra6620 Firmware | All versions |
| Qualcomm | Csra6640 Firmware | All versions |
| Qualcomm | Ipq5010 Firmware | All versions |
| Qualcomm | Ipq5018 Firmware | All versions |
| Qualcomm | Ipq6000 Firmware | All versions |
| Qualcomm | Ipq6005 Firmware | All versions |
| Qualcomm | Ipq6010 Firmware | All versions |
| Qualcomm | Ipq6018 Firmware | All versions |
| Qualcomm | Ipq6028 Firmware | All versions |
| Qualcomm | Ipq8070 Firmware | All versions |
| Qualcomm | Ipq8070a Firmware | All versions |
| Qualcomm | Ipq8071 Firmware | All versions |
| Qualcomm | Ipq8071a Firmware | All versions |
| Qualcomm | Ipq8072 Firmware | All versions |
| Qualcomm | Ipq8072a Firmware | All versions |
| Qualcomm | Ipq8074 Firmware | All versions |
| Qualcomm | Ipq8074a Firmware | All versions |
| Qualcomm | Ipq8076 Firmware | All versions |
| Qualcomm | Ipq8076a Firmware | All versions |
| Qualcomm | Ipq8078 Firmware | All versions |
| Qualcomm | Ipq8078a Firmware | All versions |
| Qualcomm | Ipq8173 Firmware | All versions |
| Qualcomm | Ipq8174 Firmware | All versions |
| Qualcomm | Pm3003a Firmware | All versions |
| Qualcomm | Pm4125 Firmware | All versions |
| Qualcomm | Pm456 Firmware | All versions |
| Qualcomm | Pm6125 Firmware | All versions |
| Qualcomm | Pm6150 Firmware | All versions |
| Qualcomm | Pm6150a Firmware | All versions |
| Qualcomm | Pm6150l Firmware | All versions |
| Qualcomm | Pm6250 Firmware | All versions |
| Qualcomm | Pm6350 Firmware | All versions |
| Qualcomm | Pm640a Firmware | All versions |
| Qualcomm | Pm640l Firmware | All versions |
| Qualcomm | Pm640p Firmware | All versions |
| Qualcomm | Pm7150a Firmware | All versions |
| Qualcomm | Pm7150l Firmware | All versions |
| Qualcomm | Pm7250 Firmware | All versions |
| Qualcomm | Pm7250b Firmware | All versions |
| Qualcomm | Pm8004 Firmware | All versions |
| Qualcomm | Pm8008 Firmware | All versions |
| Qualcomm | Pm8009 Firmware | All versions |
| Qualcomm | Pm8150 Firmware | All versions |
| Qualcomm | Pm8150a Firmware | All versions |
| Qualcomm | Pm8150b Firmware | All versions |
| Qualcomm | Pm8150c Firmware | All versions |
Showing 50 of 325 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-11134?
How severe is CVE-2020-11134?
How do I fix CVE-2020-11134?
Are you affected by CVE-2020-11134?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST