{"containers":{"cna":{"affected":[{"product":"Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile","vendor":"Qualcomm, Inc.","versions":[{"status":"affected","version":"APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}]}],"descriptions":[{"lang":"en","value":"Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}],"problemTypes":[{"descriptions":[{"description":"Untrusted Pointer Dereference in ComputerVision","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-05-10T12:13:21.000Z","orgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","shortName":"qualcomm"},"references":[{"tags":["x_refsource_MISC"],"url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"tags":["x_refsource_MISC"],"url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"product-security@qualcomm.com","ID":"CVE-2020-11206","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile","version":{"version_data":[{"version_value":"APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}]}}]},"vendor_name":"Qualcomm, Inc."}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Untrusted Pointer Dereference in ComputerVision"}]}]},"references":{"reference_data":[{"name":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/","refsource":"MISC","url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"name":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin","refsource":"CONFIRM","url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"name":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/","refsource":"MISC","url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T11:28:13.377Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}]}]},"cveMetadata":{"assignerOrgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","assignerShortName":"qualcomm","cveId":"CVE-2020-11206","datePublished":"2020-11-12T10:00:57.000Z","dateReserved":"2020-03-31T00:00:00.000Z","dateUpdated":"2024-08-04T11:28:13.377Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}