Qualcomm Snapdragon Wired Infrastructure and Networking QSEE information disclosure

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Qualcomm Snapdragon Wired Infrastructure and Networking (Chip Software) (affected version not known). It has been rated as problematic. Affected by this issue is an unknown part of the component QSEE Handler. Upgrading eliminates this vulnerability.

Field06/09/2021 08:29 PM06/11/2021 05:00 PM
vendorQualcommQualcomm
nameSnapdragon Wired Infrastructure and NetworkingSnapdragon Wired Infrastructure and Networking
componentQSEE HandlerQSEE Handler
cwe200 (information disclosure)200 (information disclosure)
risk11
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iNN
cvss3_vuldb_aNN
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
urlhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletinhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin
nameUpgradeUpgrade
cveCVE-2020-11266CVE-2020-11266
date1623189600 (06/09/2021)1623189600 (06/09/2021)
typeChip SoftwareChip Software
cvss2_vuldb_ciPP
cvss2_vuldb_iiNN
cvss2_vuldb_aiNN
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_avAA
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_avAA
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_eXX
cvss2_vuldb_basescore2.32.3
cvss2_vuldb_tempscore2.32.0
cvss3_vuldb_basescore3.53.5
cvss3_vuldb_tempscore3.53.4
cvss3_meta_basescore3.53.5
cvss3_meta_tempscore3.53.4
price_0day$0-$5k$0-$5k
cve_assigned1585605600
cve_nvd_summaryImage address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking
confirm_urlhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!