CVE-2020-11221
Last modified
CVE-2020-11221 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking. EPSS estimates a 0.21% chance of exploitation in the next 30 days.
Description
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8009 Firmware | All versions |
| Qualcomm | Apq8009w Firmware | All versions |
| Qualcomm | Apq8017 Firmware | All versions |
| Qualcomm | Apq8037 Firmware | All versions |
| Qualcomm | Apq8053 Firmware | All versions |
| Qualcomm | Apq8084 Firmware | All versions |
| Qualcomm | Apq8096au Firmware | All versions |
| Qualcomm | Aqt1000 Firmware | All versions |
| Qualcomm | Ar8035 Firmware | All versions |
| Qualcomm | Ar8151 Firmware | All versions |
| Qualcomm | Csr6030 Firmware | All versions |
| Qualcomm | Csrb31024 Firmware | All versions |
| Qualcomm | Mdm8207 Firmware | All versions |
| Qualcomm | Mdm9150 Firmware | All versions |
| Qualcomm | Mdm9205 Firmware | All versions |
| Qualcomm | Mdm9206 Firmware | All versions |
| Qualcomm | Mdm9207 Firmware | All versions |
| Qualcomm | Mdm9230 Firmware | All versions |
| Qualcomm | Mdm9250 Firmware | All versions |
| Qualcomm | Mdm9330 Firmware | All versions |
| Qualcomm | Mdm9607 Firmware | All versions |
| Qualcomm | Mdm9628 Firmware | All versions |
| Qualcomm | Mdm9630 Firmware | All versions |
| Qualcomm | Mdm9640 Firmware | All versions |
| Qualcomm | Mdm9645 Firmware | All versions |
| Qualcomm | Mdm9650 Firmware | All versions |
| Qualcomm | Mdm9655 Firmware | All versions |
| Qualcomm | Msm8108 Firmware | All versions |
| Qualcomm | Msm8208 Firmware | All versions |
| Qualcomm | Msm8209 Firmware | All versions |
| Qualcomm | Msm8608 Firmware | All versions |
| Qualcomm | Msm8909w Firmware | All versions |
| Qualcomm | Msm8917 Firmware | All versions |
| Qualcomm | Msm8920 Firmware | All versions |
| Qualcomm | Msm8937 Firmware | All versions |
| Qualcomm | Msm8940 Firmware | All versions |
| Qualcomm | Msm8953 Firmware | All versions |
| Qualcomm | Msm8976 Firmware | All versions |
| Qualcomm | Msm8976sg Firmware | All versions |
| Qualcomm | Msm8996au Firmware | All versions |
| Qualcomm | Pm215 Firmware | All versions |
| Qualcomm | Pm3003a Firmware | All versions |
| Qualcomm | Pm4125 Firmware | All versions |
| Qualcomm | Pm4250 Firmware | All versions |
| Qualcomm | Pm439 Firmware | All versions |
| Qualcomm | Pm456 Firmware | All versions |
| Qualcomm | Pm6125 Firmware | All versions |
| Qualcomm | Pm6150 Firmware | All versions |
| Qualcomm | Pm6150a Firmware | All versions |
| Qualcomm | Pm6150l Firmware | All versions |
Showing 50 of 401 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-11221?
How severe is CVE-2020-11221?
How do I fix CVE-2020-11221?
Are you affected by CVE-2020-11221?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST