Advisory Published
Updated

CVE-2020-11266

First published: Wed Jun 09 2021(Updated: )

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
Qualcomm Ar7420 Firmware
Qualcomm Ar7420
Qualcomm Ar9580 Firmware
Google Android
Qualcomm Csr8811 Firmware
Qualcomm Csr8811
Google Android
Google Android
Qualcomm Ipq4019 Firmware
Qualcomm Ipq4019
Google Android
Qualcomm Ipq4028
Qualcomm Ipq4029 Firmware
Google Android
Google Android
Qualcomm Qca10901
Qualcomm Qca4024 Firmware
Google Android
Qualcomm Qca7500 Firmware
Qualcomm Qca7500
Qualcomm Qca7520 Firmware
Qualcomm Qca7520
Qualcomm Qca7550 Firmware
Qualcomm Qca7550
Google Android
Google Android
Qualcomm Qca9880 Firmware
Qualcomm Qca9880
Qualcomm Qca9886 Firmware
Qualcomm Qca9886
Qualcomm Qca9888 Firmware
Qualcomm Qca9888
Qualcomm Qca9889 Firmware
Qualcomm Qca9889
Google Android
Google Android
Google Android
Google Android
Qualcomm Qca9992 Firmware
Qualcomm Qca9992
Qualcomm Qca9994 Firmware
Qualcomm Qca9994
Qualcomm Qcn3018 Firmware
Qualcomm Qcn3018
Qualcomm Qfe1922 Firmware
Qualcomm Qfe1922
Qualcomm Qfe1952 Firmware
Qualcomm Qfe1952
Google Android
Google Android
Google Android
Google Android

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-11266?

    CVE-2020-11266 is a vulnerability that occurs when an image address is dereferenced before validating its range, potentially causing QSEE information leakage in Snapdragon Wired Infrastructure and Networking.

  • What software is affected by CVE-2020-11266?

    The following software is affected: Qualcomm Ar7420 Firmware, Qualcomm Ar9580 Firmware, Qualcomm Csr8811 Firmware, Qualcomm Ipq4019 Firmware, Qualcomm Qca4024 Firmware, Qualcomm Qca7500 Firmware, Qualcomm Qca7520 Firmware, Qualcomm Qca7550 Firmware, Qualcomm Qcn3018 Firmware, Qualcomm Qfe1922 Firmware, Qualcomm Qfe1952 Firmware, Qualcomm Wcd9340 Firmware, Qualcomm Wsa8810 Firmware.

  • What is the severity of CVE-2020-11266?

    The severity of CVE-2020-11266 is medium with a CVSS score of 6.5.

  • What is QSEE?

    QSEE stands for Qualcomm Secure Execution Environment, which is a trusted execution environment on Qualcomm Snapdragon processors.

  • Where can I find more information about CVE-2020-11266?

    You can find more information about CVE-2020-11266 on the Qualcomm Product Security Bulletin for January 2021.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203