Vulnerabilities > CVE-2020-11266 - Unspecified vulnerability in Qualcomm products

CVSS 6.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

qualcomm

NVD

Published: 2021-06-09

Updated: 2021-06-16

Summary

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Ar7420 Firmware - Qualcomm Ar9580 Firmware - Qualcomm Csr8811 Firmware - Qualcomm Ipq4018 Firmware - Qualcomm Ipq4019 Firmware - Qualcomm Ipq4028 Firmware - Qualcomm Ipq4029 Firmware - Qualcomm Qca10901 Firmware - Qualcomm Qca4024 Firmware - Qualcomm Qca7500 Firmware - Qualcomm Qca7520 Firmware - Qualcomm Qca7550 Firmware - Qualcomm Qca8075 Firmware - Qualcomm Qca9880 Firmware - Qualcomm Qca9886 Firmware - Qualcomm Qca9888 Firmware - Qualcomm Qca9889 Firmware - Qualcomm Qca9898 Firmware - Qualcomm Qca9984 Firmware - Qualcomm Qca9992 Firmware - Qualcomm Qca9994 Firmware - Qualcomm Qcn3018 Firmware - Qualcomm Qfe1922 Firmware - Qualcomm Qfe1952 Firmware - Qualcomm Wcd9340 Firmware - Qualcomm Wsa8810 Firmware -	26
Hardware	Qualcomm Qualcomm Ar7420 - Qualcomm Ar9580 - Qualcomm Csr8811 - Qualcomm Ipq4018 - Qualcomm Ipq4019 - Qualcomm Ipq4028 - Qualcomm Ipq4029 - Qualcomm Qca10901 - Qualcomm Qca4024 - Qualcomm Qca7500 - Qualcomm Qca7520 - Qualcomm Qca7550 - Qualcomm Qca8075 - Qualcomm Qca9880 - Qualcomm Qca9886 - Qualcomm Qca9888 - Qualcomm Qca9889 - Qualcomm Qca9898 - Qualcomm Qca9984 - Qualcomm Qca9992 - Qualcomm Qca9994 - Qualcomm Qcn3018 - Qualcomm Qfe1922 - Qualcomm Qfe1952 - Qualcomm Wcd9340 - Qualcomm Wsa8810 -	26

References

https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin