CVE-2020-11208

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument’ in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439

Reference Links(if available):

  • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
  • https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/
  • https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/
  • CVSS Score (if available)

    v2: / HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • Available for Amazon Prime