CVE-2020-11117
N/A
N/A
Summary
u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking | IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980 | affected |
Weaknesses
- Command Injection Vulnerability in lbd service
ADP Enrichment
CVE Program Container
Additional References
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
References
- https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.