Search

Find a vulnerability

Search criteria

    394 vulnerabilities found for apq8098_firmware by qualcomm

    CVE-2026-24091 (GCVE-0-2026-24091)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory corruption while processing fastboot commands with improperly formatted input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24091",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:12.515624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:40.634Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with improperly formatted input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:40.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24091",
        "datePublished": "2026-06-01T22:05:40.458Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:40.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24085 (GCVE-0-2026-24085)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Stack-based Buffer Overflow in Display
    Summary
    Memory Corruption when processing display command line information due to improper initialization of a variable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:57.342651Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:40.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing display command line information due to improper initialization of a variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:34.944Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24085",
        "datePublished": "2026-06-01T22:05:34.944Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:40.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-21385 (GCVE-0-2026-21385)

    Vulnerability from nvd – Published: 2026-03-02 16:53 – Updated: 2026-03-04 04:55
    VLAI CISA KEVIntel
    Title
    Integer Overflow or Wraparound in Graphics
    Summary
    Memory corruption while using alignments for memory allocation.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 5G Fixed Wireless Access Platform
    Affected: APQ8098
    Affected: AR8031
    Affected: AR8035
    Affected: C-V2X 9150
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: Flight RB5 5G Platform
    Affected: FSM100 Platform
    Affected: G1 Gen 1
    Affected: G2 Gen 1
    Affected: IQ6 Series Platform
    Affected: IQ8 Series Platform
    Affected: IQ9 Series Platform
    Affected: LeMans_AU_LGIT
    Affected: LeMansAU
    Affected: MDM9250
    Affected: MDM9628
    Affected: Milos
    Affected: Monaco_IOT
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: Pandeiro
    Affected: QAM8255P
    Affected: QAM8295P
    Affected: QAMSRV1H
    Affected: QAMSRV1M
    Affected: QCA2066
    Affected: QCA6174A
    Affected: QCA6391
    Affected: QCA6564A
    Affected: QCA6564AU
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6584AU
    Affected: QCA6595
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCA8695AU
    Affected: QCA9367
    Affected: QCA9377
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6125
    Affected: QCM6490
    Affected: QCN6024
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCN9024
    Affected: QCS2290
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QLN1083BD
    Affected: QLN1086BD
    Affected: QMP1000
    Affected: QPA1083BD
    Affected: QPA1086BD
    Affected: QRB5165M
    Affected: QRB5165N
    Affected: Qualcomm 215 Mobile Platform
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: Qualcomm Video Collaboration VC5 Platform
    Affected: QXM1083
    Affected: QXM1086
    Affected: QXM1093
    Affected: QXM1094
    Affected: QXM1095
    Affected: QXM1096
    Affected: Robotics RB2 Platform
    Affected: Robotics RB5 Platform
    Affected: SA4150P
    Affected: SA4155P
    Affected: SA6145P
    Affected: SA6150P
    Affected: SA6155
    Affected: SA6155P
    Affected: SA7255P
    Affected: SA7775P
    Affected: SA8145P
    Affected: SA8150P
    Affected: SA8155
    Affected: SA8155P
    Affected: SA8195P
    Affected: SA8255P
    Affected: SA8295P
    Affected: SA8620P
    Affected: SA8770P
    Affected: SA9000P
    Affected: SAR1165P
    Affected: SAR1250P
    Affected: SAR2130P
    Affected: SAR2230P
    Affected: SC8380XP
    Affected: SD 8 Gen1 5G
    Affected: SD626
    Affected: SD662
    Affected: SD865 5G
    Affected: SDA660
    Affected: SDM429W
    Affected: SDX61
    Affected: SM6225P
    Affected: SM6650P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Smart Audio 400 Platform
    Affected: Smart Display 200 Platform
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 429 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 625 Mobile Platform
    Affected: Snapdragon 626 Mobile Platform
    Affected: Snapdragon 660 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Elite Gen 5
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 820 Automotive Platform
    Affected: Snapdragon 820Am
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon AR1 Gen 1 Platform
    Affected: Snapdragon AR1+ Gen 1 Platform
    Affected: Snapdragon Auto 5G Modem-RF
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X12 LTE Modem
    Affected: Snapdragon X5 LTE Modem
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon X65 5G Modem-RF System
    Affected: Snapdragon XR2 5G Platform
    Affected: Snapdragon XR2+ Gen 1 Platform
    Affected: SRV1H
    Affected: SRV1M
    Affected: SW5100
    Affected: SW5100P
    Affected: SW6100
    Affected: SW6100P
    Affected: SXR2230P
    Affected: SXR2250P
    Affected: SXR2330P
    Affected: SXR2350P
    Affected: Themisto
    Affected: Vision Intelligence 100 Platform
    Affected: Vision Intelligence 200 Platform
    Affected: Vision Intelligence 400 Platform
    Affected: WCD9326
    Affected: WCD9330
    Affected: WCD9335
    Affected: WCD9341
    Affected: WCD9360
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3615
    Affected: WCN3620
    Affected: WCN3660B
    Affected: WCN3680B
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN3990
    Affected: WCN6450
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-21385",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-03",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21385"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-04T04:55:16.033Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21385"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-03T00:00:00.000Z",
                "value": "CVE-2026-21385 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon CCW",
                "Snapdragon Compute",
                "Snapdragon Connectivity",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon Mobile",
                "Snapdragon Voice \u0026 Music",
                "Snapdragon WBC",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "5G Fixed Wireless Access Platform"
                },
                {
                  "status": "affected",
                  "version": "APQ8098"
                },
                {
                  "status": "affected",
                  "version": "AR8031"
                },
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "C-V2X 9150"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "Flight RB5 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "FSM100 Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "G2 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "IQ6 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ8 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ9 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "LeMans_AU_LGIT"
                },
                {
                  "status": "affected",
                  "version": "LeMansAU"
                },
                {
                  "status": "affected",
                  "version": "MDM9250"
                },
                {
                  "status": "affected",
                  "version": "MDM9628"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Monaco_IOT"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "Pandeiro"
                },
                {
                  "status": "affected",
                  "version": "QAM8255P"
                },
                {
                  "status": "affected",
                  "version": "QAM8295P"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1H"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1M"
                },
                {
                  "status": "affected",
                  "version": "QCA2066"
                },
                {
                  "status": "affected",
                  "version": "QCA6174A"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6564A"
                },
                {
                  "status": "affected",
                  "version": "QCA6564AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6584AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCA8695AU"
                },
                {
                  "status": "affected",
                  "version": "QCA9367"
                },
                {
                  "status": "affected",
                  "version": "QCA9377"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6125"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QLN1083BD"
                },
                {
                  "status": "affected",
                  "version": "QLN1086BD"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "QPA1083BD"
                },
                {
                  "status": "affected",
                  "version": "QPA1086BD"
                },
                {
                  "status": "affected",
                  "version": "QRB5165M"
                },
                {
                  "status": "affected",
                  "version": "QRB5165N"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm 215 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC5 Platform"
                },
                {
                  "status": "affected",
                  "version": "QXM1083"
                },
                {
                  "status": "affected",
                  "version": "QXM1086"
                },
                {
                  "status": "affected",
                  "version": "QXM1093"
                },
                {
                  "status": "affected",
                  "version": "QXM1094"
                },
                {
                  "status": "affected",
                  "version": "QXM1095"
                },
                {
                  "status": "affected",
                  "version": "QXM1096"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB5 Platform"
                },
                {
                  "status": "affected",
                  "version": "SA4150P"
                },
                {
                  "status": "affected",
                  "version": "SA4155P"
                },
                {
                  "status": "affected",
                  "version": "SA6145P"
                },
                {
                  "status": "affected",
                  "version": "SA6150P"
                },
                {
                  "status": "affected",
                  "version": "SA6155"
                },
                {
                  "status": "affected",
                  "version": "SA6155P"
                },
                {
                  "status": "affected",
                  "version": "SA7255P"
                },
                {
                  "status": "affected",
                  "version": "SA7775P"
                },
                {
                  "status": "affected",
                  "version": "SA8145P"
                },
                {
                  "status": "affected",
                  "version": "SA8150P"
                },
                {
                  "status": "affected",
                  "version": "SA8155"
                },
                {
                  "status": "affected",
                  "version": "SA8155P"
                },
                {
                  "status": "affected",
                  "version": "SA8195P"
                },
                {
                  "status": "affected",
                  "version": "SA8255P"
                },
                {
                  "status": "affected",
                  "version": "SA8295P"
                },
                {
                  "status": "affected",
                  "version": "SA8620P"
                },
                {
                  "status": "affected",
                  "version": "SA8770P"
                },
                {
                  "status": "affected",
                  "version": "SA9000P"
                },
                {
                  "status": "affected",
                  "version": "SAR1165P"
                },
                {
                  "status": "affected",
                  "version": "SAR1250P"
                },
                {
                  "status": "affected",
                  "version": "SAR2130P"
                },
                {
                  "status": "affected",
                  "version": "SAR2230P"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD626"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SD865 5G"
                },
                {
                  "status": "affected",
                  "version": "SDA660"
                },
                {
                  "status": "affected",
                  "version": "SDM429W"
                },
                {
                  "status": "affected",
                  "version": "SDX61"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Smart Audio 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "Smart Display 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 429 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 625 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 626 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 660 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite Gen 5"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820 Automotive Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820Am"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X12 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X65 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "SRV1H"
                },
                {
                  "status": "affected",
                  "version": "SRV1M"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SW6100"
                },
                {
                  "status": "affected",
                  "version": "SW6100P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2250P"
                },
                {
                  "status": "affected",
                  "version": "SXR2330P"
                },
                {
                  "status": "affected",
                  "version": "SXR2350P"
                },
                {
                  "status": "affected",
                  "version": "Themisto"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 100 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9326"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9360"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3615"
                },
                {
                  "status": "affected",
                  "version": "WCN3620"
                },
                {
                  "status": "affected",
                  "version": "WCN3660B"
                },
                {
                  "status": "affected",
                  "version": "WCN3680B"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3990"
                },
                {
                  "status": "affected",
                  "version": "WCN6450"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while using alignments for memory allocation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-02T16:53:59.406Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
            }
          ],
          "title": "Integer Overflow or Wraparound in Graphics"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-21385",
        "datePublished": "2026-03-02T16:53:59.406Z",
        "dateReserved": "2025-12-17T04:35:45.743Z",
        "dateUpdated": "2026-03-04T04:55:16.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47383 (GCVE-0-2025-47383)

    Vulnerability from nvd – Published: 2026-03-02 16:53 – Updated: 2026-03-03 04:56
    VLAI
    Title
    Missing Cryptographic Step in Data Modem
    Summary
    Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-325 - Missing Cryptographic Step
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 5G Fixed Wireless Access Platform
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: APQ8098
    Affected: AQT1000
    Affected: AR8035
    Affected: C-V2X 9150
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: CSRB31024
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: FSM100 Platform
    Affected: FWA Gen 3 Ultra Platform
    Affected: G1 Gen 1
    Affected: MDM8207
    Affected: MDM9250
    Affected: MDM9628
    Affected: MDM9640
    Affected: Milos
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: QCA6174A
    Affected: QCA6391
    Affected: QCA6420
    Affected: QCA6430
    Affected: QCA6564A
    Affected: QCA6564AU
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6584
    Affected: QCA6584AU
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCA9367
    Affected: QCA9377
    Affected: QCC710
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6125
    Affected: QCM6490
    Affected: QCN6024
    Affected: QCN6224
    Affected: QCN6274
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCN9024
    Affected: QCS2290
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QEP8111
    Affected: QFW7114
    Affected: QFW7124
    Affected: QMP1000
    Affected: Qualcomm 215 Mobile Platform
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: Robotics RB2 Platform
    Affected: SD 8 Gen1 5G
    Affected: SD626
    Affected: SD662
    Affected: SDA660
    Affected: SDM429W
    Affected: SDX57M
    Affected: SDX61
    Affected: SDX71M
    Affected: SM6225P
    Affected: SM6250
    Affected: SM6650P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Smart Display 200 Platform
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 429 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 625 Mobile Platform
    Affected: Snapdragon 626 Mobile Platform
    Affected: Snapdragon 660 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c Compute Platform
    Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 820 Automotive Platform
    Affected: Snapdragon 820Am
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon 8c Compute Platform "Poipu Lite"
    Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
    Affected: Snapdragon 8cx Compute Platform
    Affected: Snapdragon 8cx Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
    Affected: Snapdragon Auto 5G Modem-RF
    Affected: Snapdragon Auto 5G Modem-RF Gen 2
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X12 LTE Modem
    Affected: Snapdragon X32 5G Modem-RF System
    Affected: Snapdragon X35 5G Modem-RF System
    Affected: Snapdragon X5 LTE Modem
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon X65 5G Modem-RF System
    Affected: Snapdragon X70 Modem-RF System
    Affected: Snapdragon X72 5G Modem-RF System
    Affected: Snapdragon X75 5G Modem-RF System
    Affected: Snapdragon X80 5G Modem-RF System
    Affected: SnapdragonAuto 4GModem
    Affected: SW5100
    Affected: SW5100P
    Affected: SW6100
    Affected: SW6100P
    Affected: Themisto
    Affected: Vision Intelligence 100 Platform
    Affected: Vision Intelligence 200 Platform
    Affected: Vision Intelligence 400 Platform
    Affected: WCD9306
    Affected: WCD9326
    Affected: WCD9330
    Affected: WCD9335
    Affected: WCD9340
    Affected: WCD9341
    Affected: WCD9360
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3615
    Affected: WCN3620
    Affected: WCN3660B
    Affected: WCN3680B
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN3990
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47383",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T04:56:19.656Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon MDM",
                "Snapdragon Mobile",
                "Snapdragon WBC",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "5G Fixed Wireless Access Platform"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "APQ8098"
                },
                {
                  "status": "affected",
                  "version": "AQT1000"
                },
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "C-V2X 9150"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "CSRB31024"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "FSM100 Platform"
                },
                {
                  "status": "affected",
                  "version": "FWA Gen 3 Ultra Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "MDM9250"
                },
                {
                  "status": "affected",
                  "version": "MDM9628"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "QCA6174A"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6420"
                },
                {
                  "status": "affected",
                  "version": "QCA6430"
                },
                {
                  "status": "affected",
                  "version": "QCA6564A"
                },
                {
                  "status": "affected",
                  "version": "QCA6564AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6584"
                },
                {
                  "status": "affected",
                  "version": "QCA6584AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCA9367"
                },
                {
                  "status": "affected",
                  "version": "QCA9377"
                },
                {
                  "status": "affected",
                  "version": "QCC710"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6125"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN6224"
                },
                {
                  "status": "affected",
                  "version": "QCN6274"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QEP8111"
                },
                {
                  "status": "affected",
                  "version": "QFW7114"
                },
                {
                  "status": "affected",
                  "version": "QFW7124"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm 215 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD626"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SDA660"
                },
                {
                  "status": "affected",
                  "version": "SDM429W"
                },
                {
                  "status": "affected",
                  "version": "SDX57M"
                },
                {
                  "status": "affected",
                  "version": "SDX61"
                },
                {
                  "status": "affected",
                  "version": "SDX71M"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6250"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Smart Display 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 429 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 625 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 626 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 660 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820 Automotive Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820Am"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF Gen 2"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X12 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X32 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X35 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X65 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X70 Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X72 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X75 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X80 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "SnapdragonAuto 4GModem"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SW6100"
                },
                {
                  "status": "affected",
                  "version": "SW6100P"
                },
                {
                  "status": "affected",
                  "version": "Themisto"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 100 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9326"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9340"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9360"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3615"
                },
                {
                  "status": "affected",
                  "version": "WCN3620"
                },
                {
                  "status": "affected",
                  "version": "WCN3660B"
                },
                {
                  "status": "affected",
                  "version": "WCN3680B"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3990"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-325",
                  "description": "CWE-325: Missing Cryptographic Step",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-02T16:53:52.332Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
            }
          ],
          "title": "Missing Cryptographic Step in Data Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-47383",
        "datePublished": "2026-03-02T16:53:52.332Z",
        "dateReserved": "2025-05-06T08:33:16.266Z",
        "dateUpdated": "2026-03-03T04:56:19.656Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-30327 (GCVE-0-2021-30327)

    Vulnerability from nvd – Published: 2022-06-14 10:10 – Updated: 2024-08-03 22:32
    VLAI
    Summary
    Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
    CWE
    • Buffer overflow in EDL Sahara protocol
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music Affected: APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T22:32:40.865Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer overflow in EDL Sahara protocol",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-14T10:10:50.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-30327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "7.5",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer overflow in EDL Sahara protocol"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-30327",
        "datePublished": "2022-06-14T10:10:50.000Z",
        "dateReserved": "2021-04-07T00:00:00.000Z",
        "dateUpdated": "2024-08-03T22:32:40.865Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11207 (GCVE-0-2020-11207)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Computer Vision
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Computer Vision",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-10T12:13:27.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Computer Vision"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/",
                  "refsource": "MISC",
                  "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
                },
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                },
                {
                  "name": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/",
                  "refsource": "MISC",
                  "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11207",
        "datePublished": "2020-11-12T10:00:58.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11206 (GCVE-0-2020-11206)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference in ComputerVision
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.377Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference in ComputerVision",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-10T12:13:21.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11206",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference in ComputerVision"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/",
                  "refsource": "MISC",
                  "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
                },
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                },
                {
                  "name": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/",
                  "refsource": "MISC",
                  "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11206",
        "datePublished": "2020-11-12T10:00:57.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11196 (GCVE-0-2020-11196)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11196",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11196",
        "datePublished": "2020-11-12T10:00:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.538Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11193 (GCVE-0-2020-11193)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow Issue in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow Issue in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11193",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow Issue in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11193",
        "datePublished": "2020-11-12T10:00:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11168 (GCVE-0-2020-11168)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference Issue in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.156Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference Issue in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:54.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11168",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference Issue in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11168",
        "datePublished": "2020-11-12T10:00:54.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.156Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11132 (GCVE-0-2020-11132)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:21
    VLAI
    Summary
    u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Buffer Over read Issue in Boot
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.727Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Buffer over read in boot due to size check ignored before copying GUID attribute from request to response\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Over read Issue in Boot",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:53.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Buffer over read in boot due to size check ignored before copying GUID attribute from request to response\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Over read Issue in Boot"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11132",
        "datePublished": "2020-11-12T10:00:53.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.727Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11123 (GCVE-0-2020-11123)

    Vulnerability from nvd – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:21
    VLAI
    Summary
    u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Cryptographic Issue in HLOS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cryptographic Issue in HLOS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:51.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11123",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cryptographic Issue in HLOS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11123",
        "datePublished": "2020-11-12T10:00:51.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3696 (GCVE-0-2020-3696)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24
    Severity
    No CVSS data available.
    CWE
    • Use After Free Issue in WLAN Host
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process\u0027 in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use After Free Issue in WLAN Host",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:32.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3696",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process\u0027 in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use After Free Issue in WLAN Host"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3696",
        "datePublished": "2020-11-02T06:21:32.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3693 (GCVE-0-2020-3693)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Use of Out-of-range Pointer Offset in QSEE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.097Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of Out-of-range Pointer Offset in QSEE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:31.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3693",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use of Out-of-range Pointer Offset in QSEE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3693",
        "datePublished": "2020-11-02T06:21:31.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3684 (GCVE-0-2020-3684)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Permissions, Privileges and Access Control issues in Qualcomm IPC
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Affected: Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.287Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Permissions, Privileges and Access Control issues in Qualcomm IPC",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:29.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3684",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Permissions, Privileges and Access Control issues in Qualcomm IPC"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3684",
        "datePublished": "2020-11-02T06:21:30.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.287Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3673 (GCVE-0-2020-3673)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
    Severity
    No CVSS data available.
    CWE
    • Improper Validation of Array Index in HLOS Data
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Affected: Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.255Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Validation of Array Index in HLOS Data",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:29.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3673",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Validation of Array Index in HLOS Data"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3673",
        "datePublished": "2020-11-02T06:21:29.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.255Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3670 (GCVE-0-2020-3670)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
    Severity
    No CVSS data available.
    CWE
    • Buffer Over-read Issue in Multi Mode Call Processor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Affected: Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.035Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Over-read Issue in Multi Mode Call Processor",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:28.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3670",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Over-read Issue in Multi Mode Call Processor"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3670",
        "datePublished": "2020-11-02T06:21:28.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.035Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3657 (GCVE-0-2020-3657)

    Vulnerability from nvd – Published: 2020-11-02 06:21 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in HLOS Data
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.236Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in HLOS Data",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-02T06:21:28.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-3657",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in HLOS Data"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-3657",
        "datePublished": "2020-11-02T06:21:28.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-24091 (GCVE-0-2026-24091)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory corruption while processing fastboot commands with improperly formatted input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24091",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:12.515624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:40.634Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with improperly formatted input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:40.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24091",
        "datePublished": "2026-06-01T22:05:40.458Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:40.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24085 (GCVE-0-2026-24085)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Stack-based Buffer Overflow in Display
    Summary
    Memory Corruption when processing display command line information due to improper initialization of a variable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:57.342651Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:40.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing display command line information due to improper initialization of a variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:34.944Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24085",
        "datePublished": "2026-06-01T22:05:34.944Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:40.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-21385 (GCVE-0-2026-21385)

    Vulnerability from cvelistv5 – Published: 2026-03-02 16:53 – Updated: 2026-03-04 04:55
    VLAI CISA KEVIntel
    Title
    Integer Overflow or Wraparound in Graphics
    Summary
    Memory corruption while using alignments for memory allocation.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 5G Fixed Wireless Access Platform
    Affected: APQ8098
    Affected: AR8031
    Affected: AR8035
    Affected: C-V2X 9150
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: Flight RB5 5G Platform
    Affected: FSM100 Platform
    Affected: G1 Gen 1
    Affected: G2 Gen 1
    Affected: IQ6 Series Platform
    Affected: IQ8 Series Platform
    Affected: IQ9 Series Platform
    Affected: LeMans_AU_LGIT
    Affected: LeMansAU
    Affected: MDM9250
    Affected: MDM9628
    Affected: Milos
    Affected: Monaco_IOT
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: Pandeiro
    Affected: QAM8255P
    Affected: QAM8295P
    Affected: QAMSRV1H
    Affected: QAMSRV1M
    Affected: QCA2066
    Affected: QCA6174A
    Affected: QCA6391
    Affected: QCA6564A
    Affected: QCA6564AU
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6584AU
    Affected: QCA6595
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCA8695AU
    Affected: QCA9367
    Affected: QCA9377
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6125
    Affected: QCM6490
    Affected: QCN6024
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCN9024
    Affected: QCS2290
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QLN1083BD
    Affected: QLN1086BD
    Affected: QMP1000
    Affected: QPA1083BD
    Affected: QPA1086BD
    Affected: QRB5165M
    Affected: QRB5165N
    Affected: Qualcomm 215 Mobile Platform
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: Qualcomm Video Collaboration VC5 Platform
    Affected: QXM1083
    Affected: QXM1086
    Affected: QXM1093
    Affected: QXM1094
    Affected: QXM1095
    Affected: QXM1096
    Affected: Robotics RB2 Platform
    Affected: Robotics RB5 Platform
    Affected: SA4150P
    Affected: SA4155P
    Affected: SA6145P
    Affected: SA6150P
    Affected: SA6155
    Affected: SA6155P
    Affected: SA7255P
    Affected: SA7775P
    Affected: SA8145P
    Affected: SA8150P
    Affected: SA8155
    Affected: SA8155P
    Affected: SA8195P
    Affected: SA8255P
    Affected: SA8295P
    Affected: SA8620P
    Affected: SA8770P
    Affected: SA9000P
    Affected: SAR1165P
    Affected: SAR1250P
    Affected: SAR2130P
    Affected: SAR2230P
    Affected: SC8380XP
    Affected: SD 8 Gen1 5G
    Affected: SD626
    Affected: SD662
    Affected: SD865 5G
    Affected: SDA660
    Affected: SDM429W
    Affected: SDX61
    Affected: SM6225P
    Affected: SM6650P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Smart Audio 400 Platform
    Affected: Smart Display 200 Platform
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 429 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 625 Mobile Platform
    Affected: Snapdragon 626 Mobile Platform
    Affected: Snapdragon 660 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Elite Gen 5
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 820 Automotive Platform
    Affected: Snapdragon 820Am
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon AR1 Gen 1 Platform
    Affected: Snapdragon AR1+ Gen 1 Platform
    Affected: Snapdragon Auto 5G Modem-RF
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X12 LTE Modem
    Affected: Snapdragon X5 LTE Modem
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon X65 5G Modem-RF System
    Affected: Snapdragon XR2 5G Platform
    Affected: Snapdragon XR2+ Gen 1 Platform
    Affected: SRV1H
    Affected: SRV1M
    Affected: SW5100
    Affected: SW5100P
    Affected: SW6100
    Affected: SW6100P
    Affected: SXR2230P
    Affected: SXR2250P
    Affected: SXR2330P
    Affected: SXR2350P
    Affected: Themisto
    Affected: Vision Intelligence 100 Platform
    Affected: Vision Intelligence 200 Platform
    Affected: Vision Intelligence 400 Platform
    Affected: WCD9326
    Affected: WCD9330
    Affected: WCD9335
    Affected: WCD9341
    Affected: WCD9360
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3615
    Affected: WCN3620
    Affected: WCN3660B
    Affected: WCN3680B
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN3990
    Affected: WCN6450
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-21385",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-03-03",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21385"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-04T04:55:16.033Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21385"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-03T00:00:00.000Z",
                "value": "CVE-2026-21385 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon CCW",
                "Snapdragon Compute",
                "Snapdragon Connectivity",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon Mobile",
                "Snapdragon Voice \u0026 Music",
                "Snapdragon WBC",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "5G Fixed Wireless Access Platform"
                },
                {
                  "status": "affected",
                  "version": "APQ8098"
                },
                {
                  "status": "affected",
                  "version": "AR8031"
                },
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "C-V2X 9150"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "Flight RB5 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "FSM100 Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "G2 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "IQ6 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ8 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ9 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "LeMans_AU_LGIT"
                },
                {
                  "status": "affected",
                  "version": "LeMansAU"
                },
                {
                  "status": "affected",
                  "version": "MDM9250"
                },
                {
                  "status": "affected",
                  "version": "MDM9628"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Monaco_IOT"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "Pandeiro"
                },
                {
                  "status": "affected",
                  "version": "QAM8255P"
                },
                {
                  "status": "affected",
                  "version": "QAM8295P"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1H"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1M"
                },
                {
                  "status": "affected",
                  "version": "QCA2066"
                },
                {
                  "status": "affected",
                  "version": "QCA6174A"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6564A"
                },
                {
                  "status": "affected",
                  "version": "QCA6564AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6584AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCA8695AU"
                },
                {
                  "status": "affected",
                  "version": "QCA9367"
                },
                {
                  "status": "affected",
                  "version": "QCA9377"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6125"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QLN1083BD"
                },
                {
                  "status": "affected",
                  "version": "QLN1086BD"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "QPA1083BD"
                },
                {
                  "status": "affected",
                  "version": "QPA1086BD"
                },
                {
                  "status": "affected",
                  "version": "QRB5165M"
                },
                {
                  "status": "affected",
                  "version": "QRB5165N"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm 215 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC5 Platform"
                },
                {
                  "status": "affected",
                  "version": "QXM1083"
                },
                {
                  "status": "affected",
                  "version": "QXM1086"
                },
                {
                  "status": "affected",
                  "version": "QXM1093"
                },
                {
                  "status": "affected",
                  "version": "QXM1094"
                },
                {
                  "status": "affected",
                  "version": "QXM1095"
                },
                {
                  "status": "affected",
                  "version": "QXM1096"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB5 Platform"
                },
                {
                  "status": "affected",
                  "version": "SA4150P"
                },
                {
                  "status": "affected",
                  "version": "SA4155P"
                },
                {
                  "status": "affected",
                  "version": "SA6145P"
                },
                {
                  "status": "affected",
                  "version": "SA6150P"
                },
                {
                  "status": "affected",
                  "version": "SA6155"
                },
                {
                  "status": "affected",
                  "version": "SA6155P"
                },
                {
                  "status": "affected",
                  "version": "SA7255P"
                },
                {
                  "status": "affected",
                  "version": "SA7775P"
                },
                {
                  "status": "affected",
                  "version": "SA8145P"
                },
                {
                  "status": "affected",
                  "version": "SA8150P"
                },
                {
                  "status": "affected",
                  "version": "SA8155"
                },
                {
                  "status": "affected",
                  "version": "SA8155P"
                },
                {
                  "status": "affected",
                  "version": "SA8195P"
                },
                {
                  "status": "affected",
                  "version": "SA8255P"
                },
                {
                  "status": "affected",
                  "version": "SA8295P"
                },
                {
                  "status": "affected",
                  "version": "SA8620P"
                },
                {
                  "status": "affected",
                  "version": "SA8770P"
                },
                {
                  "status": "affected",
                  "version": "SA9000P"
                },
                {
                  "status": "affected",
                  "version": "SAR1165P"
                },
                {
                  "status": "affected",
                  "version": "SAR1250P"
                },
                {
                  "status": "affected",
                  "version": "SAR2130P"
                },
                {
                  "status": "affected",
                  "version": "SAR2230P"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD626"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SD865 5G"
                },
                {
                  "status": "affected",
                  "version": "SDA660"
                },
                {
                  "status": "affected",
                  "version": "SDM429W"
                },
                {
                  "status": "affected",
                  "version": "SDX61"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Smart Audio 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "Smart Display 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 429 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 625 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 626 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 660 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite Gen 5"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820 Automotive Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820Am"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X12 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X65 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "SRV1H"
                },
                {
                  "status": "affected",
                  "version": "SRV1M"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SW6100"
                },
                {
                  "status": "affected",
                  "version": "SW6100P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2250P"
                },
                {
                  "status": "affected",
                  "version": "SXR2330P"
                },
                {
                  "status": "affected",
                  "version": "SXR2350P"
                },
                {
                  "status": "affected",
                  "version": "Themisto"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 100 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9326"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9360"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3615"
                },
                {
                  "status": "affected",
                  "version": "WCN3620"
                },
                {
                  "status": "affected",
                  "version": "WCN3660B"
                },
                {
                  "status": "affected",
                  "version": "WCN3680B"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3990"
                },
                {
                  "status": "affected",
                  "version": "WCN6450"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while using alignments for memory allocation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190 Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-02T16:53:59.406Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
            }
          ],
          "title": "Integer Overflow or Wraparound in Graphics"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-21385",
        "datePublished": "2026-03-02T16:53:59.406Z",
        "dateReserved": "2025-12-17T04:35:45.743Z",
        "dateUpdated": "2026-03-04T04:55:16.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-47383 (GCVE-0-2025-47383)

    Vulnerability from cvelistv5 – Published: 2026-03-02 16:53 – Updated: 2026-03-03 04:56
    VLAI
    Title
    Missing Cryptographic Step in Data Modem
    Summary
    Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-325 - Missing Cryptographic Step
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 5G Fixed Wireless Access Platform
    Affected: 9206 LTE Modem
    Affected: 9207 LTE Modem
    Affected: APQ8098
    Affected: AQT1000
    Affected: AR8035
    Affected: C-V2X 9150
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: CSRB31024
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: FSM100 Platform
    Affected: FWA Gen 3 Ultra Platform
    Affected: G1 Gen 1
    Affected: MDM8207
    Affected: MDM9250
    Affected: MDM9628
    Affected: MDM9640
    Affected: Milos
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: QCA6174A
    Affected: QCA6391
    Affected: QCA6420
    Affected: QCA6430
    Affected: QCA6564A
    Affected: QCA6564AU
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6584
    Affected: QCA6584AU
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCA9367
    Affected: QCA9377
    Affected: QCC710
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6125
    Affected: QCM6490
    Affected: QCN6024
    Affected: QCN6224
    Affected: QCN6274
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCN9024
    Affected: QCS2290
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QEP8111
    Affected: QFW7114
    Affected: QFW7124
    Affected: QMP1000
    Affected: Qualcomm 215 Mobile Platform
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: Robotics RB2 Platform
    Affected: SD 8 Gen1 5G
    Affected: SD626
    Affected: SD662
    Affected: SDA660
    Affected: SDM429W
    Affected: SDX57M
    Affected: SDX61
    Affected: SDX71M
    Affected: SM6225P
    Affected: SM6250
    Affected: SM6650P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Smart Display 200 Platform
    Affected: Snapdragon 1100 Wearable Platform
    Affected: Snapdragon 1200 Wearable Platform
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 429 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 625 Mobile Platform
    Affected: Snapdragon 626 Mobile Platform
    Affected: Snapdragon 660 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c Compute Platform
    Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 820 Automotive Platform
    Affected: Snapdragon 820Am
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon 8c Compute Platform "Poipu Lite"
    Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
    Affected: Snapdragon 8cx Compute Platform
    Affected: Snapdragon 8cx Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
    Affected: Snapdragon Auto 5G Modem-RF
    Affected: Snapdragon Auto 5G Modem-RF Gen 2
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X12 LTE Modem
    Affected: Snapdragon X32 5G Modem-RF System
    Affected: Snapdragon X35 5G Modem-RF System
    Affected: Snapdragon X5 LTE Modem
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon X65 5G Modem-RF System
    Affected: Snapdragon X70 Modem-RF System
    Affected: Snapdragon X72 5G Modem-RF System
    Affected: Snapdragon X75 5G Modem-RF System
    Affected: Snapdragon X80 5G Modem-RF System
    Affected: SnapdragonAuto 4GModem
    Affected: SW5100
    Affected: SW5100P
    Affected: SW6100
    Affected: SW6100P
    Affected: Themisto
    Affected: Vision Intelligence 100 Platform
    Affected: Vision Intelligence 200 Platform
    Affected: Vision Intelligence 400 Platform
    Affected: WCD9306
    Affected: WCD9326
    Affected: WCD9330
    Affected: WCD9335
    Affected: WCD9340
    Affected: WCD9341
    Affected: WCD9360
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3615
    Affected: WCN3620
    Affected: WCN3660B
    Affected: WCN3680B
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN3990
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47383",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T04:56:19.656Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon MDM",
                "Snapdragon Mobile",
                "Snapdragon WBC",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "5G Fixed Wireless Access Platform"
                },
                {
                  "status": "affected",
                  "version": "9206 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "9207 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "APQ8098"
                },
                {
                  "status": "affected",
                  "version": "AQT1000"
                },
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "C-V2X 9150"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "CSRB31024"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "FSM100 Platform"
                },
                {
                  "status": "affected",
                  "version": "FWA Gen 3 Ultra Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "MDM8207"
                },
                {
                  "status": "affected",
                  "version": "MDM9250"
                },
                {
                  "status": "affected",
                  "version": "MDM9628"
                },
                {
                  "status": "affected",
                  "version": "MDM9640"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "QCA6174A"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6420"
                },
                {
                  "status": "affected",
                  "version": "QCA6430"
                },
                {
                  "status": "affected",
                  "version": "QCA6564A"
                },
                {
                  "status": "affected",
                  "version": "QCA6564AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6584"
                },
                {
                  "status": "affected",
                  "version": "QCA6584AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCA9367"
                },
                {
                  "status": "affected",
                  "version": "QCA9377"
                },
                {
                  "status": "affected",
                  "version": "QCC710"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6125"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN6224"
                },
                {
                  "status": "affected",
                  "version": "QCN6274"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QEP8111"
                },
                {
                  "status": "affected",
                  "version": "QFW7114"
                },
                {
                  "status": "affected",
                  "version": "QFW7124"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm 215 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD626"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SDA660"
                },
                {
                  "status": "affected",
                  "version": "SDM429W"
                },
                {
                  "status": "affected",
                  "version": "SDX57M"
                },
                {
                  "status": "affected",
                  "version": "SDX61"
                },
                {
                  "status": "affected",
                  "version": "SDX71M"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6250"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Smart Display 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1100 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 1200 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 429 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 625 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 626 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 660 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820 Automotive Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 820Am"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF Gen 2"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X12 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X32 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X35 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X5 LTE Modem"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X65 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X70 Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X72 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X75 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X80 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "SnapdragonAuto 4GModem"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SW6100"
                },
                {
                  "status": "affected",
                  "version": "SW6100P"
                },
                {
                  "status": "affected",
                  "version": "Themisto"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 100 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 200 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9306"
                },
                {
                  "status": "affected",
                  "version": "WCD9326"
                },
                {
                  "status": "affected",
                  "version": "WCD9330"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9340"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9360"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3615"
                },
                {
                  "status": "affected",
                  "version": "WCN3620"
                },
                {
                  "status": "affected",
                  "version": "WCN3660B"
                },
                {
                  "status": "affected",
                  "version": "WCN3680B"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3990"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-325",
                  "description": "CWE-325: Missing Cryptographic Step",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-02T16:53:52.332Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html"
            }
          ],
          "title": "Missing Cryptographic Step in Data Modem"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-47383",
        "datePublished": "2026-03-02T16:53:52.332Z",
        "dateReserved": "2025-05-06T08:33:16.266Z",
        "dateUpdated": "2026-03-03T04:56:19.656Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-30327 (GCVE-0-2021-30327)

    Vulnerability from cvelistv5 – Published: 2022-06-14 10:10 – Updated: 2024-08-03 22:32
    VLAI
    Summary
    Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
    CWE
    • Buffer overflow in EDL Sahara protocol
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music Affected: APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T22:32:40.865Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer overflow in EDL Sahara protocol",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-14T10:10:50.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2021-30327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice \u0026 Music"
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "7.5",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer overflow in EDL Sahara protocol"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2021-30327",
        "datePublished": "2022-06-14T10:10:50.000Z",
        "dateReserved": "2021-04-07T00:00:00.000Z",
        "dateUpdated": "2024-08-03T22:32:40.865Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11207 (GCVE-0-2020-11207)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Severity
    No CVSS data available.
    CWE
    • Buffer Copy Without Checking Size of Input in Computer Vision
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Copy Without Checking Size of Input in Computer Vision",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-10T12:13:27.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Copy Without Checking Size of Input in Computer Vision"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/",
                  "refsource": "MISC",
                  "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
                },
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                },
                {
                  "name": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/",
                  "refsource": "MISC",
                  "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11207",
        "datePublished": "2020-11-12T10:00:58.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11206 (GCVE-0-2020-11206)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference in ComputerVision
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Affected: APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.377Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference in ComputerVision",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-10T12:13:21.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11206",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference in ComputerVision"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/",
                  "refsource": "MISC",
                  "url": "https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"
                },
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                },
                {
                  "name": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/",
                  "refsource": "MISC",
                  "url": "https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11206",
        "datePublished": "2020-11-12T10:00:57.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11196 (GCVE-0-2020-11196)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.538Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11196",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11196",
        "datePublished": "2020-11-12T10:00:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.538Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11193 (GCVE-0-2020-11193)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Integer Overflow to Buffer Overflow Issue in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow to Buffer Overflow Issue in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:55.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11193",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Integer Overflow to Buffer Overflow Issue in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11193",
        "datePublished": "2020-11-12T10:00:55.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11168 (GCVE-0-2020-11168)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:28
    VLAI
    Summary
    u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Untrusted Pointer Dereference Issue in Video
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected: APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:28:13.156Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Pointer Dereference Issue in Video",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:54.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11168",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8053, APQ8064AU, APQ8096AU, APQ8098, MDM9206, MDM9650, MSM8909W, MSM8953, MSM8996AU, QCM4290, QCS405, QCS4290, QCS603, QCS605, QM215, QSM8350, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM450, SDM632, SDM640, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Pointer Dereference Issue in Video"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11168",
        "datePublished": "2020-11-12T10:00:54.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:28:13.156Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11132 (GCVE-0-2020-11132)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:21
    VLAI
    Summary
    u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Buffer Over read Issue in Boot
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.727Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027Buffer over read in boot due to size check ignored before copying GUID attribute from request to response\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Over read Issue in Boot",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:53.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027Buffer over read in boot due to size check ignored before copying GUID attribute from request to response\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Over read Issue in Boot"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11132",
        "datePublished": "2020-11-12T10:00:53.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.727Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11123 (GCVE-0-2020-11123)

    Vulnerability from cvelistv5 – Published: 2020-11-12 10:00 – Updated: 2024-08-04 11:21
    VLAI
    Summary
    u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Severity
    No CVSS data available.
    CWE
    • Cryptographic Issue in HLOS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected: APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "u\u0027information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cryptographic Issue in HLOS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T10:00:51.000Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@qualcomm.com",
              "ID": "CVE-2020-11123",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "u\u0027information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cryptographic Issue in HLOS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin",
                  "refsource": "CONFIRM",
                  "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2020-11123",
        "datePublished": "2020-11-12T10:00:51.000Z",
        "dateReserved": "2020-03-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }