What is CVE-2020-11117?

CVE-2020-11117 is a vulnerability in the lbd service that allows an external user to overwrite arbitrary files with arbitrary content, resulting in remote code execution.

What is the severity of CVE-2020-11117?

CVE-2020-11117 has a severity rating of 9.8 (critical).

How can CVE-2020-11117 be fixed?

To fix CVE-2020-11117, it is recommended to apply the patches provided by Qualcomm and follow their guidance.

Where can I find more information about CVE-2020-11117?

You can find more information about CVE-2020-11117 on the Qualcomm Product Security Bulletins website and Talos Intelligence vulnerability report.

Vulnerability/
CVE-2020-11117

critical

9.8

CWE

8/9/2020

28/4/2022

CVE-2020-11117: Command Injection

First published: Tue Sep 08 2020(Updated: )

u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA4531, QCA9531, QCA9980

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm Ipq4019 Firmware
Qualcomm Ipq4019
Google Android
Qualcomm Ipq6018
Qualcomm Ipq8064 Firmware
Qualcomm Ipq8064
Qualcomm Ipq8074 Firmware
Qualcomm Ipq8074
Qualcomm Qca4531 Firmware
Qualcomm Qca4531
Qualcomm Qca9531 Firmware
Qualcomm Qca9531
Qualcomm Qca9980 Firmware
Qualcomm Qca9980

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-11117?
CVE-2020-11117 is a vulnerability in the lbd service that allows an external user to overwrite arbitrary files with arbitrary content, resulting in remote code execution.
What is the severity of CVE-2020-11117?
CVE-2020-11117 has a severity rating of 9.8 (critical).
Which software is affected by CVE-2020-11117?
CVE-2020-11117 affects Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064.
How can CVE-2020-11117 be fixed?
To fix CVE-2020-11117, it is recommended to apply the patches provided by Qualcomm and follow their guidance.
Where can I find more information about CVE-2020-11117?
You can find more information about CVE-2020-11117 on the Qualcomm Product Security Bulletins website and Talos Intelligence vulnerability report.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.