CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVSS v2.0 7.2

7.2^/10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

CVSS v3.0 6.7 MEDIUM

6.7^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory

Configurations

Configuration 1

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd450:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8920:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8940:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd439:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm830:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdw2500:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8151:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660l:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8004:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8005:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm855a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8937:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8953:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8996:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8998:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmd9607:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmd9655:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi632:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8952:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8994:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8996:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8998:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmk8001:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmm855au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmm8996au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmx20:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3514:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3522:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3550:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qbt1000:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qbt1500:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet4100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet4200aq:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet5100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe2080fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe2081fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe2082fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe2101:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe2550:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe3100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe3440fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4455fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4465fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln1021aq:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln1030:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln1031:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln1035bd:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln1036aq:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa4340:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa4360:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa5460:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qsw8573:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc800h:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc800s:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc800t:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc801s:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:rgr7640au:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:rsw8577:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd710:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd712:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr051:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr052:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1351:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1355:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1357:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1358:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1380:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb231:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr2955:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr3905:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr3950:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr4905:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr5975:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm215:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm439:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8940:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8937:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi8940:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcc1110:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4301:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4302:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4303:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4305:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4308:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4309:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4320:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfe4373fc:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa5373:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdw3100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd636:-:*:*:*:*:*:*:*

History

24 Jan 2023, 16:19

Type	Values Removed	Values Added
CPE		cpe:2.3:a:predictapp_project:predictapp::::::::
References	~~(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 -~~	(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 - Patch, Third Party Advisory
References	~~(MISC) https://github.com/abhilash1985/PredictApp/pull/73 -~~	(MISC) https://github.com/abhilash1985/PredictApp/pull/73 - Patch, Third Party Advisory
References	~~(MISC) https://vuldb.com/?id.218387 -~~	(MISC) https://vuldb.com/?id.218387 - Third Party Advisory
References	~~(MISC) https://vuldb.com/?ctiid.218387 -~~	(MISC) https://vuldb.com/?ctiid.218387 - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Predictapp Project predictapp Predictapp Project

16 Jan 2023, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-01-21 10:15

Updated : 2021-01-29 10:13

NVD link : CVE-2020-11183

Mitre link : CVE-2020-11183

Products Affected

No products.

CWE

CWE-120