CVE-2020-11291
Published: 09 June 2021
Summary
CVE-2020-11291 is a critical-severity Improper Validation of Array Index (CWE-129) vulnerability in Qualcomm Apq8017 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 41.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-3645
Vulnerability details
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,…
more
Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.