CVE-2020-11135

HIGH

Qualcomm Snapdragon - Reachable Assertion in APE Clips Parser

Title source: llm

Description

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin

Scores

CVSS v3 7.5

EPSS 0.0024

EPSS Percentile 47.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-617

Status published

Products (27)

qualcomm/apq8098_firmware

qualcomm/kamorta_firmware

qualcomm/msm8917_firmware

qualcomm/msm8953_firmware

qualcomm/nicobar_firmware

qualcomm/qcm2150_firmware

qualcomm/qcs605_firmware

qualcomm/qm215_firmware

qualcomm/rennell_firmware

qualcomm/sa6155p_firmware

... and 17 more

Published Sep 09, 2020

Tracked Since Feb 18, 2026