CVE-2020-11141
HIGHQualcomm Apq8009 Firmware - Improper Input Validation
Title source: ruleDescription
u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250
References (2)
Core 2
Core References
Broken Link x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin
Scores
CVSS v3
8.1
EPSS
0.0007
EPSS Percentile
22.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
CWE-20
Status
published
Products (9)
qualcomm/apq8009_firmware
qualcomm/apq8053_firmware
qualcomm/qca6390_firmware
qualcomm/qcn7605_firmware
qualcomm/sa415m_firmware
qualcomm/sa515m_firmware
qualcomm/sc8180x_firmware
qualcomm/sdx55_firmware
qualcomm/sm8250_firmware
Published
Nov 02, 2020
Tracked Since
Feb 18, 2026