CVE-2020-11243

HIGH

Qualcomm Aqt1000 Firmware - Improper Exception Handling

Title source: rule

Description

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Scores

CVSS v3 7.5

EPSS 0.0024

EPSS Percentile 47.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-755

Status published

Affected Products (50)

qualcomm/aqt1000_firmware

qualcomm/ar8035_firmware

qualcomm/fsm10055_firmware

qualcomm/fsm10056_firmware

qualcomm/pm3003a_firmware

qualcomm/pm7150a_firmware

qualcomm/pm7150l_firmware

qualcomm/pm7250_firmware

qualcomm/pm7250b_firmware

qualcomm/pm8004_firmware

qualcomm/pm8008_firmware

qualcomm/pm8009_firmware

qualcomm/pm8150_firmware

qualcomm/pm8150a_firmware

qualcomm/pm8150b_firmware

... and 35 more

Timeline

Published Apr 07, 2021

Tracked Since Feb 18, 2026