CVE-2020-11273 Vulnerability Details

  /     /     /  

CVE-2020-11273 Metadata Quick Info

CVE Published: 07/05/2021 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: qualcomm | Vendor: Qualcomm, Inc. | Product: Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Status : PUBLISHED

---

CVE-2020-11273 Description

Histogram type KPI was teardown with the assumption of the existence of histogram binning info and will lead to null pointer access when histogram binning info is missing due to lack of null check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Metrics

CVSS Version: 3.1 | Base Score: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Reachable Assertion in Modem
Source: Qualcomm, Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).