CVE-2020-11153
Last modified
CVE-2020-11153 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8053, QCA6390, QCA9379, QCN7605, SC8180X, SDX55. EPSS estimates a 2.18% chance of exploitation in the next 30 days.
Description
u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8053, QCA6390, QCA9379, QCN7605, SC8180X, SDX55
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8053 Firmware | All versions |
| Qualcomm | Qca6390 Firmware | All versions |
| Qualcomm | Qca9379 Firmware | All versions |
| Qualcomm | Qcn7605 Firmware | All versions |
| Qualcomm | Sc8180x Firmware | All versions |
| Qualcomm | Sdx55 Firmware | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-11153?
How severe is CVE-2020-11153?
How do I fix CVE-2020-11153?
Are you affected by CVE-2020-11153?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST