Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00045.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Qualcomm Subscribe
Ar7420 Subscribe
Ar7420 Firmware Subscribe
Ar9580 Subscribe
Ar9580 Firmware Subscribe
Csr8811 Subscribe
Csr8811 Firmware Subscribe
Ipq4018 Subscribe
Ipq4018 Firmware Subscribe
Ipq4019 Subscribe
Ipq4019 Firmware Subscribe
Ipq4028 Subscribe
Ipq4028 Firmware Subscribe
Ipq4029 Subscribe
Ipq4029 Firmware Subscribe
Qca10901 Subscribe
Qca10901 Firmware Subscribe
Qca4024 Subscribe
Qca4024 Firmware Subscribe
Qca7500 Subscribe
Qca7500 Firmware Subscribe
Qca7520 Subscribe
Qca7520 Firmware Subscribe
Qca7550 Subscribe
Qca7550 Firmware Subscribe
Qca8075 Subscribe
Qca8075 Firmware Subscribe
Qca9880 Subscribe
Qca9880 Firmware Subscribe
Qca9886 Subscribe
Qca9886 Firmware Subscribe
Qca9888 Subscribe
Qca9888 Firmware Subscribe
Qca9889 Subscribe
Qca9889 Firmware Subscribe
Qca9898 Subscribe
Qca9898 Firmware Subscribe
Qca9984 Subscribe
Qca9984 Firmware Subscribe
Qca9992 Subscribe
Qca9992 Firmware Subscribe
Qca9994 Subscribe
Qca9994 Firmware Subscribe
Qcn3018 Subscribe
Qcn3018 Firmware Subscribe
Qfe1922 Subscribe
Qfe1922 Firmware Subscribe
Qfe1952 Subscribe
Qfe1952 Firmware Subscribe
Wcd9340 Subscribe
Wcd9340 Firmware Subscribe
Wsa8810 Subscribe
Wsa8810 Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:ar7420_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar7420:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:ar9580_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar9580:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:qca10901_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca10901:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:qca7520_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca7520:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:qca7550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca7550:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:qualcomm:qcn3018_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcn3018:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:qualcomm:qfe1922_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfe1922:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:qualcomm:qfe1952_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qfe1952:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2020-3619 Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2024-08-04T11:28:13.793Z

Reserved: 2020-03-31T00:00:00

Link: CVE-2020-11265

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-09T05:15:07.697

Modified: 2024-11-21T04:57:34.053

Link: CVE-2020-11265

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses