Cyber Resilience

CVE-2020-11273

High

Published: 07 May 2021

Published
07 May 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0025 48.2th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-11273 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Qualcomm Csrb31024 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 48.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Histogram type KPI was teardown with the assumption of the existence of histogram binning info and will lead to null pointer access when histogram binning info is missing due to lack of null check in Snapdragon Auto, Snapdragon Compute, Snapdragon…

more

Connectivity, Snapdragon Mobile

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

qualcomm
csrb31024 firmware
all versions
qualcomm
pm3003a firmware
all versions
qualcomm
pm6150a firmware
all versions
qualcomm
pm6150l firmware
all versions
qualcomm
pm6350 firmware
all versions
qualcomm
pm7150a firmware
all versions
qualcomm
pm7150l firmware
all versions
qualcomm
pm7250 firmware
all versions
qualcomm
pm7250b firmware
all versions
qualcomm
pm8005 firmware
all versions
+168 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References