CVE-2020-11153
CRITICALQualcomm APQ8053/QCA6390/QCA9379/QCN7605/SC8180X/SDX55 Firmware - Out-of-bounds Write via GATT Data Processing
Title source: llmDescription
u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8053, QCA6390, QCA9379, QCN7605, SC8180X, SDX55
References (2)
Core 2
Core References
Broken Link x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin
Scores
CVSS v3
9.8
EPSS
0.0383
EPSS Percentile
88.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (6)
qualcomm/apq8053_firmware
qualcomm/qca6390_firmware
qualcomm/qca9379_firmware
qualcomm/qcn7605_firmware
qualcomm/sc8180x_firmware
qualcomm/sdx55_firmware
Published
Nov 02, 2020
Tracked Since
Feb 18, 2026