Vulnerabilities > CVE-2020-11210 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

qualcomm

CWE-787

NVD

Published: 2021-04-07

Updated: 2022-05-03

Summary

Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Ar8035 Firmware - Qualcomm Pm4125 Firmware - Qualcomm Pm4250 Firmware - Qualcomm Pm6125 Firmware - Qualcomm Pm6150A Firmware - Qualcomm Pm6150L Firmware - Qualcomm Pm6350 Firmware - Qualcomm Pm7250B Firmware - Qualcomm Pm8008 Firmware - Qualcomm Pmd9655 Firmware - Qualcomm Pmi632 Firmware - Qualcomm Pmk8003 Firmware - Qualcomm Qat3519 Firmware - Qualcomm Qat3522 Firmware - Qualcomm Qat3555 Firmware - Qualcomm Qat5515 Firmware - Qualcomm Qat5516 Firmware - Qualcomm Qca6390 Firmware - Qualcomm Qca9984 Firmware - Qualcomm Qcm2290 Firmware - Qualcomm Qcm4290 Firmware - Qualcomm Qcs2290 Firmware - Qualcomm Qcs405 Firmware - Qualcomm Qcs4290 Firmware - Qualcomm Qdm2301 Firmware - Qualcomm Qdm2302 Firmware - Qualcomm Qet4101 Firmware - Qualcomm Qet6105 Firmware - Qualcomm Qpa4360 Firmware - Qualcomm Qpa4361 Firmware - Qualcomm Qpa6560 Firmware - Qualcomm Qpa8673 Firmware - Qualcomm Qsw6310 Firmware - Qualcomm Qsw8573 Firmware - Qualcomm Qsw8574 Firmware - Qualcomm Qtc410S Firmware - Qualcomm Qtm525 Firmware - Qualcomm Sd460 Firmware - Qualcomm Sd480 Firmware - Qualcomm Sd662 Firmware - Qualcomm Sd665 Firmware - Qualcomm Sdr425 Firmware - Qualcomm Sdr660 Firmware - Qualcomm Sdr735 Firmware - Qualcomm Sdr735G Firmware - Qualcomm Sm4125 Firmware - Qualcomm Smb1351 Firmware - Qualcomm Smb1354 Firmware - Qualcomm Smb1355 Firmware - Qualcomm Smb1396 Firmware - Qualcomm Smr526 Firmware - Qualcomm Wcd9370 Firmware - Qualcomm Wcd9375 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wcn3910 Firmware - Qualcomm Wcn3950 Firmware - Qualcomm Wcn3980 Firmware - Qualcomm Wcn3988 Firmware - Qualcomm Wcn3991 Firmware - Qualcomm Wcn3998 Firmware - Qualcomm Wcn3999 Firmware - Qualcomm Wcn6850 Firmware - Qualcomm Wgr7640 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware - Qualcomm Wtr2965 Firmware - Qualcomm Wtr3925 Firmware -	67
Hardware	Qualcomm Qualcomm Ar8035 - Qualcomm Pm4125 - Qualcomm Pm4250 - Qualcomm Pm6125 - Qualcomm Pm6150A - Qualcomm Pm6150L - Qualcomm Pm6350 - Qualcomm Pm7250B - Qualcomm Pm8008 - Qualcomm Pmd9655 - Qualcomm Pmi632 - Qualcomm Pmk8003 - Qualcomm Qat3519 - Qualcomm Qat3522 - Qualcomm Qat3555 - Qualcomm Qat5515 - Qualcomm Qat5516 - Qualcomm Qca6390 - Qualcomm Qca9984 - Qualcomm Qcm2290 - Qualcomm Qcm4290 - Qualcomm Qcs2290 - Qualcomm Qcs405 - Qualcomm Qcs4290 - Qualcomm Qdm2301 - Qualcomm Qdm2302 - Qualcomm Qet4101 - Qualcomm Qet6105 - Qualcomm Qpa4360 - Qualcomm Qpa4361 - Qualcomm Qpa6560 - Qualcomm Qpa8673 - Qualcomm Qsw6310 - Qualcomm Qsw8573 - Qualcomm Qsw8574 - Qualcomm Qtc410S - Qualcomm Qtm525 - Qualcomm Sd460 - Qualcomm Sd480 - Qualcomm Sd662 - Qualcomm Sd665 - Qualcomm Sdr425 - Qualcomm Sdr660 - Qualcomm Sdr735 - Qualcomm Sdr735G - Qualcomm Sm4125 - Qualcomm Smb1351 - Qualcomm Smb1354 - Qualcomm Smb1355 - Qualcomm Smb1396 - Qualcomm Smr526 - Qualcomm Wcd9370 - Qualcomm Wcd9375 - Qualcomm Wcd9385 - Qualcomm Wcn3910 - Qualcomm Wcn3950 - Qualcomm Wcn3980 - Qualcomm Wcn3988 - Qualcomm Wcn3991 - Qualcomm Wcn3998 - Qualcomm Wcn3999 - Qualcomm Wcn6850 - Qualcomm Wgr7640 - Qualcomm Wsa8810 - Qualcomm Wsa8815 - Qualcomm Wtr2965 - Qualcomm Wtr3925 -	67

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin