CVE-2020-11268

high-risk
Published 2021-05-07

Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile

Do I need to act?

-
0.26% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (20)

Apq8016
Apq8074
Apq8084
Apq8094
Ar6003
Mdm8215
Mdm8215M
Mdm8615M
Mdm9215
Mdm9235M
Mdm9310
Mdm9609
Mdm9615
Mdm9615M
Mdm9635M
Mdm9640
Mdm9645
Msm8108
Msm8208

Affected Vendors

Qualcomm

References (2)

Vendor Advisory https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin
Vendor Advisory https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin
56
/ 100
high-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 29/34 · Critical