CVE Vulnerability

CVE-2020-11252

Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

4.7 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.4 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

Scope

5.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.1 / Impact : 4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin Vendor Advisory
Configurations

Configuration 1
Information

Published : 2021-04-07 08:15

Updated : 2021-04-12 06:00

NVD link : CVE-2020-11252

Mitre link : CVE-2020-11252

Products Affected

Qpa8688 Firmware

Qualcomm

CWE
CWE-125

Out-of-bounds Read