{"containers":{"cna":{"affected":[{"product":"Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile","vendor":"Qualcomm, Inc.","versions":[{"status":"affected","version":"SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439"}]}],"descriptions":[{"lang":"en","value":"Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439"}],"problemTypes":[{"descriptions":[{"description":"Improper Authorization in DSP Process","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-03-15T10:50:12.000Z","orgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","shortName":"qualcomm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"tags":["x_refsource_MISC"],"url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"tags":["x_refsource_MISC"],"url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"product-security@qualcomm.com","ID":"CVE-2020-11209","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile","version":{"version_data":[{"version_value":"SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439"}]}}]},"vendor_name":"Qualcomm, Inc."}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper Authorization in DSP Process"}]}]},"references":{"reference_data":[{"name":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin","refsource":"CONFIRM","url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"name":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/","refsource":"MISC","url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"name":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/","refsource":"MISC","url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T11:28:13.255Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp/"}]}]},"cveMetadata":{"assignerOrgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","assignerShortName":"qualcomm","cveId":"CVE-2020-11209","datePublished":"2020-11-12T10:00:58.000Z","dateReserved":"2020-03-31T00:00:00.000Z","dateUpdated":"2024-08-04T11:28:13.255Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}