CVE-2020-11187
HIGHCVSS 7.8/10EPSS 0.16%
Last modified
CVE-2020-11187 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile. EPSS estimates a 0.16% chance of exploitation in the next 30 days.
Description
Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | All versions |
| Qualcomm | Csrb31024 Firmware | All versions |
| Qualcomm | Pm7150a Firmware | All versions |
| Qualcomm | Pm7150l Firmware | All versions |
| Qualcomm | Pm7250 Firmware | All versions |
| Qualcomm | Pm7250b Firmware | All versions |
| Qualcomm | Pm8004 Firmware | All versions |
| Qualcomm | Pm8008 Firmware | All versions |
| Qualcomm | Pm855 Firmware | All versions |
| Qualcomm | Pm855b Firmware | All versions |
| Qualcomm | Pm855l Firmware | All versions |
| Qualcomm | Pm855p Firmware | All versions |
| Qualcomm | Pmk8002 Firmware | All versions |
| Qualcomm | Pmx24 Firmware | All versions |
| Qualcomm | Pmx50 Firmware | All versions |
| Qualcomm | Pmx55 Firmware | All versions |
| Qualcomm | Qat3516 Firmware | All versions |
| Qualcomm | Qat3518 Firmware | All versions |
| Qualcomm | Qat3519 Firmware | All versions |
| Qualcomm | Qat3555 Firmware | All versions |
| Qualcomm | Qat5515 Firmware | All versions |
| Qualcomm | Qat5522 Firmware | All versions |
| Qualcomm | Qat5533 Firmware | All versions |
| Qualcomm | Qbt2000 Firmware | All versions |
| Qualcomm | Qca6391 Firmware | All versions |
| Qualcomm | Qca6564au Firmware | All versions |
| Qualcomm | Qca6574a Firmware | All versions |
| Qualcomm | Qca6574au Firmware | All versions |
| Qualcomm | Qca6584au Firmware | All versions |
| Qualcomm | Qca6595au Firmware | All versions |
| Qualcomm | Qca6696 Firmware | All versions |
| Qualcomm | Qca8337 Firmware | All versions |
| Qualcomm | Qdm2301 Firmware | All versions |
| Qualcomm | Qdm2305 Firmware | All versions |
| Qualcomm | Qdm3301 Firmware | All versions |
| Qualcomm | Qdm5620 Firmware | All versions |
| Qualcomm | Qdm5621 Firmware | All versions |
| Qualcomm | Qdm5650 Firmware | All versions |
| Qualcomm | Qdm5652 Firmware | All versions |
| Qualcomm | Qdm5670 Firmware | All versions |
| Qualcomm | Qdm5671 Firmware | All versions |
| Qualcomm | Qdm5677 Firmware | All versions |
| Qualcomm | Qdm5679 Firmware | All versions |
| Qualcomm | Qet4101 Firmware | All versions |
| Qualcomm | Qet5100 Firmware | All versions |
| Qualcomm | Qet6110 Firmware | All versions |
| Qualcomm | Qln1021aq Firmware | All versions |
| Qualcomm | Qln1031 Firmware | All versions |
| Qualcomm | Qln1036aq Firmware | All versions |
| Qualcomm | Qln4642 Firmware | All versions |
Showing 50 of 98 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-11187?
Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile
How severe is CVE-2020-11187?
CVE-2020-11187 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.
How do I fix CVE-2020-11187?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2020-11187?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST