CVE-2020-11164 Information
Feb 14, 2021
cve
Description
u’Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control’ in Snapdragon Auto Snapdragon Connectivity Snapdragon Consumer IOT Snapdragon Industrial IOT Snapdragon Mobile Snapdragon Wearables in Agatti APQ8096AU APQ8098 Bitra Kamorta MSM8909W MSM8917 MSM8940 Nicobar QCA6390 QCM2150 QCS605 Rennell SA6155P SA8155P Saipan SDA660 SDM429W SDM450 SDM630 SDM636 SDM660 SDM670 SDM710 SM6150 SM7150 SM8150 SM8250 SXR1130 SXR2130
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: