Vulnerabilities > CVE-2020-11157 - Unspecified vulnerability in Qualcomm products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

qualcomm

NVD

Published: 2020-11-02

Updated: 2021-07-21

Summary

u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8076, MDM9640, MDM9650, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, QCA6174A, QCA9886, QCM2150, QM215, SDM429, SDM439, SDM450, SDM632

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Apq8053 Firmware - Qualcomm Apq8076 Firmware - Qualcomm Mdm9640 Firmware - Qualcomm Mdm9650 Firmware - Qualcomm Msm8905 Firmware - Qualcomm Msm8917 Firmware - Qualcomm Msm8937 Firmware - Qualcomm Msm8940 Firmware - Qualcomm Msm8953 Firmware - Qualcomm Qca6174A Firmware - Qualcomm Qca9886 Firmware - Qualcomm Qcm2150 Firmware - Qualcomm Qm215 Firmware - Qualcomm Sdm429 Firmware - Qualcomm Sdm439 Firmware - Qualcomm Sdm450 Firmware - Qualcomm Sdm632 Firmware -	17
Hardware	Qualcomm Qualcomm Apq8053 - Qualcomm Apq8076 - Qualcomm Mdm9640 - Qualcomm Mdm9650 - Qualcomm Msm8905 - Qualcomm Msm8917 - Qualcomm Msm8937 - Qualcomm Msm8940 - Qualcomm Msm8953 - Qualcomm Qca6174A - Qualcomm Qca9886 - Qualcomm Qcm2150 - Qualcomm Qm215 - Qualcomm Sdm429 - Qualcomm Sdm439 - Qualcomm Sdm450 - Qualcomm Sdm632 -	17

References

https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin